Joplin School District Improves their Cybersecurity Posture with Managed Detection & Response

Download Case Study

The Challenge

The Joplin School District came to us knowing that they had work to do to improve their cybersecurity posture. They were using legacy cybersecurity tools like a next generation firewall with an intrusion prevention module, antivirus on endpoints, and basic vulnerability patching. They saw multiple municipalities and school districts falling victim to ransomware attacks. An industry veteran and the network administrator for the Joplin School District, Vince Crossley, wanted to be proactive and make sure that they were not the next victim on the news due to a lack of visibility and response capability. He and his team are responsible for keeping technology operational and secure so that Joplin can educate over 7,000 students.

We know we have a huge attack surface and there are many ways a cybercriminal could gain access to our network. My assumption is that we can never prevent malware from getting into our network. We need the tools in place to detect malware as it’s attempting to spread through our network and be able to take an active response. We are not manned 24/7, we were looking for a product that would have an automated and assisted response from an in-cloud SOC provider that could take action off hours and on weekends.


Our Solution

The Pondurance Managed Detection and Response (MDR) was the right fit for the Joplin School District. Our MDR platform is able to ingest endpoint, log, network, and IoT data through a combination of an Endpoint Detection and Response (EDR) platform, network sensors, and a log collector. We monitor data and respond to threats detected from their tech stack consisting of enterprise-grade HP/ Aruba, VMware, and Microsoft products, as well as a range of other internet-connected devices like Smart TVs and Chromebooks. All of the data that is ingested across the environment is analyzed and correlated against multiple sources of threat intelligence, enabling our SOC to detect, investigate, and respond to any threats or unusual activity. Joplin has a robust network of over 7,000 student devices, 1,000 staff devices, and 20 servers that are needed to deliver education across their district. Handling response to malicious findings across that many endpoints is a significant challenge so it made sense for Joplin to include SentinelOne, an EDR platform. SentinelOne gives the Pondurance’s Security Operations Center (SOC) deeper visibility to investigate indicators of compromise (IoCs), including signatures, recorded/alerted by the endpoint to gain a better analysis of the potential threat.


The Results

The school district now has 24/7 monitoring with immediate reaction from Pondurance’s Security Operations Center (SOC).The district evaluated other leading cybersecurity products and services to compare capability, comprehensiveness, and alignment to their needs. Pondurance MDR was the best overall solution with the most comprehensive coverage at an optimal total cost of ownership. Joplin’s IT leadership ultimately saved the district money and resources by adopting Pondurance MDR rather than trying to procure, integrate, manage, and monitor individual technologies themselves. Hiring staff to provide 24/7 coverage to detect and respond to cyber threats can cost several multiples of the cost of Pondurance MDR.

Overall, they spent less than $200,000 annually to fully protect their network and bring the students and staff peace of mind.

We wanted a MDR that could protect more than our Windows and Mac operating devices. We have a lot of IoT devices and Chrome devices like Chromebooks. Pondurance’s network solution gives good coverage for IoT through a network sensor and network log aggregation. This gives a total network view of threats that are developing and might try to spread.


The Benefits of Pondurance MDR

  • Stop security incidents through 24/7 detection and response.

  • Maximize internal resources and security investments.

  • Improve compliance through reporting.

  • Increase visibility into alerts that require action.

  • Rapidly accelerate security program maturity.

  • Lower total cost of ownership.


Learn more about managed detection and response in our info sheet: Managed Detection and Response (MDR)

About Pondurance

Pondurance delivers world-class managed detection and response services to industries facing today’s most pressing and dynamic cybersecurity challenges including ransomware, complex compliance requirements and digital transformation accelerated by a distributed workforce.

By combining our advanced platform with our experienced team of analysts we continuously hunt, investigate, validate and contain threats so your own team can focus on what matters most.

Pondurance experts include seasoned security operations analysts, digital forensics and incident response professionals and compliance and security strategists who provide always-on services to customers seeking broader visibility, faster response and containment and more unified risk management for their organizations.