-
Client
NRMA
-
Industry
Transport
-
State
NSW
NRMA
The NRMA has a heritage of over 100 years of keeping Australians moving, with resilience woven through its DNA. In recent years, it’s made moves to substantially enhance its digital resilience through the implementation of robust technology foundations with performance and security front and centre. With over 4,000 employees in 150 locations, Chris Swadling, Senior Manager of Infrastructure at NRMA, and his team are responsible for the infrastructure that supports them in their daily operations.
This work is supported by Quorum and The Cloud Collective, a group of three Microsoft partners who work together to help customers gain maximum value from their Microsoft investment. Working with the Cloud Collective, NRMA has benefited from a Microsoft 365 E5 licence which delivers a slew of additional security and data governance features for the organisation.
‘It’s been a privilege to work with NRMA, to really understand the challenges that the organisation faces, and then together to blueprint and deliver a digital foundation that meets today’s needs and also evergreens NRMA for the future,’ said Mark McLean, Managing Director of Quorum.
Challenges
As a brand focused on trustworthiness, customer loyalty and trust are paramount. NRMA’s board and senior leaders are continually looking for ways to improve their security posture, delivering further protections to members, customers and the brand alike.
Results
By using Microsoft Secure Score as the baseline, NRMA has been able to monitor improvements as changes were implemented. Their work with Quorum also enabled a pivot towards remote work during COVID-19 lockdowns, with security added via tools such as Conditional Access and MFA in front of their VPN technology, helping to further secure an increasingly distributed team.
As COVID-related workplace changes have brought initiatives forward ahead of schedule, Quorum has facilitated flexible delivery of projects to move NRMA away from reliance on physical locations and networks and into an identity-centric model.
‘Our new mantra is “work is a thing you do, not a place you go”,’ says Swadling. ‘Ensuring we have the appropriate security in place is key to us achieving this.’
Solutions
- NRMA identified opportunities to improve security, compliance and data government posture across the Group, looking to achieve this without impacting the ability of their team to work and collaborate.
- Working alongside Quorum, these strategic security developments include:
PIM (Privileged Identity Management) and PAM (Privileged Access Management)- Advanced Threat Protection
- End-Point Detection and Response (EDR)
- Cloud App Security
- Azure Information Protection (AIP)
- Conditional Access and Multi Factor Authentication (MFA)
- And a pilot of Azure Sentinel.
- The transitions were relatively seamless for the end users amongst NRMA’s staff, while equipping the technology team with more visibility about what’s taking place across the organisation, with the option to implement controls more rapidly. Automation and autonomy within these toolsets also alleviate pressure on NRMA’s internal team on a regular basis. It was a six-month process from the initial conversation with Quorum to their present
technical capabilities, with further developments planned to continue to increase their security posture.
