Canada’s #1 Most Trusted Brand Strengthens Data Security While Simplifying Workflows with Qostodian Recon

Canada’s #1 Most Trusted Brand Strengthens Data Security While Simplifying Workflows with Qostodian Recon.

Product

Industry

Insurance

Location

Ontario, Canada

The client

CAA Club Group

The CAA Club Group of Companies is comprised of two automobile clubs providing roadside assistance, travel, insurance services, and Member savings for over 2.2 million members. It also includes the CAA Insurance company, a national property and casualty insurance company; Echelon Insurance, a national specialty insurer; and the Orion Travel Insurance Company.

Highlights

The Challenge

Named the most trusted brand in Canada in 2021, CAA’s information security team is serious about safeguarding member data, meeting compliance regulations, and enforcing data governance best practices. However, the team found their existing data security tool both labor and time-intensive to maintain.

The Challenge

The Solution

The IT team at CAA selected Qostodian Recon to safeguard their data and their reputation. Installing Recon required one click and two minutes of installation, and the solution’s lightweight technology required zero costly overhead to run. Recon was able to offer the fastest time to value, while greatly simplifying workflows.

The Solution

The Results

CAA’s IT team received the answers they needed up to 50x faster, while enjoying unparalleled data clarity and ease of use. With Recon, the team is now able to get answers quickly, triage faster, and get to the real security issues.

The Results

One of the main reasons we switched to Qohash, is because of the simplicity it offers. Qohash gets me answers quicker, while requiring fewer resources. It takes less time to install, less time and money to maintain, and yet scans 10x faster.

-George Plytas, Head of Information Security, CAA Club Group

The Challenge

Named the most trusted brand in Canada in 2021 by the Gustavson Brand Trust Index, CAA is serious about maintaining hard-earned customer trust – and their good reputation.

Driven both by fierce customer loyalty, as well as the auditing and compliance requirements that govern the industries in which they operate, for CAA, having a strong data governance program is non-negotiable.

The ongoing process of discovering, classifying and categorizing the sensitive data entrusted to them by their members is essential to maintaining compliance. CAA’s information security team routinely scans data, and maintains a complete and up-to-date inventory of sensitive data within the organization.

Additionally, in order to meet PCI compliance requirements, CAA enforces strict policies, including one that governs where personal information can be stored.

While they had an existing tool in place to help meet compliance needs, maintaining it was labor and time-intensive.

“We have a limited time window when people are connected to the network,” says George.
“It was a lot easier when people were working on desktops and working from the office because we could scan on a 24/7 basis. Now, we need to be able to cover the majority of local drives within eight hours.”

George and his team began looking for alternatives.

The Solution

After careful consideration of the tools available on the market, George and his team chose Qostodian Recon.

“The simplicity of Recon is what attracted me to it. After running tests, we found we were able to get the answers we needed 10 to 50x faster, with less overhead, infrastructure, and maintenance activity required,” says George.

More than just a faster scan, the installation and setup of Qostodian Recon were also quick. In fact, George was able to do the installation himself. “It was as easy as installing a productivity app. I simply pointed it at the location that I wanted, and hit the scan button,” states George.

George and his team have also benefited from the cost savings of no longer needing to maintain major infrastructure, as Recon’s lightweight, modern technology does not require a costly setup to work. “Going from a very, very complex environment with web servers, database servers, and application servers to Recon was night and day.”

He adds, “When you implement a new tool, you want to get the most out of it in the shortest amount of time. With the other tools, it took us three months to set up the environment. If you’re paying a certain amount and you’re losing a quarter of that time on setup, you’ve lost a quarter of your investment.”

Recon made data discovery so easy that the information security team was able to employ their security analyst intern to pull reports. “With the Recon tool, any analyst can scan data repositories very, very quickly and with good accuracy,” George says.

Using Recon’s reports, George’s team was able to contact individual managers and provide direction. “Recon simplifies my complex role by allowing me to use a tool that works with a lot of agents. The user interface is very well laid-out, and finding information is easy. The dashboard helps us very quickly decide where to focus our time and attention,” he says.

The Result

For George, the speed at which Recon scans data makes a difference. Now he knows the answer in a day, and can remediate problems quickly.

“My biggest concern is being able to identify risk as quickly as possible. Getting an answer quicker gives me the ability to prioritize and triage faster, and get to the real security issues.”

In addition to the ability to strategically prioritize with confidence, with less time and resources going towards maintenance, George and his team have increased productivity. While continuing to perform even more comprehensive scheduled scans across all locations, his team has been able to introduce ad-hoc scanning.

A major win for George and his team, they’ve been able to simplify their workflows, ensure that employees and associates adhere to information security practices, and meet audit requirements. Armed with the ability to track data elements, CAA can identify repeat offenders and enforce its internal compliance policy.

“If there are results, we get them right away. One of the things Recon helps us continually validate is that credit card numbers are not inadvertently stored on a notepad or a shared drive.”

According to George, “It’s a real game-changer for us at CAA.”

CASE STUDIES