When your business provides a critical mobile communications platform for many of the largest global banks, as well as numerous healthcare institutions and government agencies, you need advanced security capabilities.
Movius offers MultiLine, an app that creates a second phone line on an existing device, allowing communications on popular voice and messaging channels and automatically encrypting and documenting all conversations, chats and texts. Organizations choose MultiLine because it allows their employees to communicate with customers in efficient, convenient ways while complying with stringent industry regulations on record-keeping. It also supports corporate sustainability goals by helping reduce the waste and energy consumption of providing separate business phones.
Of course, before customers will onboard MultiLine, they need to know it can keep their data safe. “It’s one of the very first things that customers want to know when they talk to us,” says Bill Pettit, Head of Cloud Infrastructure & IT at Movius. “With the customer base that we serve, there are potentially sensitive conversations going on. Our security and compliance postures are in place to ensure we protect that information.”
Just as MultiLine’s capabilities allow customers to comply with retention rules, the technologies and processes underpinning the app must comply with the stringent data-security regulations applied to banking, healthcare, government and other industries. MultiLine is a SaaS solution used by organizations around the world, it has many different partner integrations, and it includes an AI-based support line for maintaining excellent call quality. “To have a strong security posture,” says Pettit, “we have to tie all those pieces together and manage threats proactively.”
“The time to identify and remediate threats is critical,” adds Chethan Visweswar, Chief Product Officer at Movius. “If time to remediation goes up, we’d risk losing the trust of our customers.”
In the early days of MultiLine, Movius investigated a few security information and event management (SIEM) solutions, but its strong relationship with IBM, based on deploying MultiLine on IBM Cloud®, led it to choose IBM Security® QRadar® SIEM as its central security platform.
“It’s a single pane of glass to understand what’s going on within our network,” explains Pettit. “We’ve taken all our different data streams that have relevant security information and tied them into QRadar, which allows us to have insight into any type of security threats or potential user behavior issues.”
“And we see threats all the time,” Pettit continues. “People are always looking for a way in. Fortunately, by using QRadar, we can detect and investigate potential threats in a seamless, easy-to-use interface, and we are able to proactively, quickly determine if they’re real and rapidly mitigate anything serious to help ensure we’re protecting our services and our customers’ data.”
Movius also uses QRadar’s machine learning based user-behavior analytics (UBA) capability. “UBA gives us visibility into behavior within our organization,” says Pettit. “It calls out any changes in behavior or anomalies, so we can determine if there’s an incident—like stolen credentials, for example—and then take action on it.”
Movius attributes a range of valuable benefits to its work with QRadar SIEM:
Faster threat identification and remediation: Movius estimates that it’s at least 10x more efficient at incident investigation. “It’s a direct replacement of the time that people would be manually chasing different logs and sources, triaging events, and identifying threats,” says Pettit. “And I don’t think it would be possible for our team to cover all of that without a leading SIEM like QRadar.”
Cost savings: “Not only in the amount of people-time it saves, but it saves cost to the business too,” says Pettit. “Without having a proven SIEM in place, we’d leave ourselves exposed to threats and data loss.”
Regulatory compliance: Movius is certified compliant with the ISO/IEC 27001 international information-security standard, and SOC 2 Type II and HIPAA Type 1 information-security control standards. “A large part of those certifications are around security,” explains Pettit. “And because of what we’ve done with IBM and QRadar, we’re able to show evidence and go through those sections of the certifications relatively quickly.”
Customer assurance: Some Movius customers conduct Third-party Oversight (TPO) vendor-risk assessments. According to Pettit, “It always leads back to, ‘What is your stance around security and compliance?’ And QRadar is a key part of that.”
A more strategic approach to cybersecurity: “From a day-to-day work experience perspective, after we put QRadar in place, it changed the dynamic of how we thought about security,” Pettit recounts. “We put more thought into how we’ll continue to evolve our security posture, rather than worrying about it from a very reactive, tactical perspective.”
Support for carbon reduction: The security capabilities backing MultiLine give more organizations the green light to adopt the platform and contribute to their environmental, social and governance (ESG) goals. “Every single phone removed from the workplace equates into 81 kilograms of CO2 equivalence a year,” says John Rarrick, Head of Marketing at Movius. “Multiply that by all of the MultiLine users out there, and we’ve been able to help our clients significantly reduce their carbon footprints.”
And all of this means that Movius can devote more time and energy to what’s most important for its business. “We want to focus on building a great experience for our customers,” says Visweswar. “And you can’t focus on that if you’re not confident in your security posture, because you’ll be thinking constantly about what could happen next. QRadar allows us to confidently move forward without the fear of the unknown.”
Movius (link resides outside of ibm.com) is the leading global provider in cloud-based secure mobile communications software, helping enterprises deliver better engagement for their clients. Enterprises around the world use the company’s all-in-one mobility platform to connect with their customers in more convenient, cost-effective and compliant ways. Movius is headquartered in Atlanta.
© Copyright IBM Corporation 2024. IBM Corporation, IBM Security, New Orchard Road, Armonk, NY 10504.
Produced in United States of America, January 2024.
IBM, the IBM logo, ibm.com, IBM Cloud, IBM Security, and QRadar are trademarks or registered trademarks of International Business Machines Corporation, in the United States and/or other countries. Other product and service names might be trademarks of IBM or other companies. A current list of IBM trademarks is available on ibm.com/legal/copyright-trademark.
This document is current as of the initial date of publication and may be changed by IBM at any time. Not all offerings are available in every country in which IBM operates.
All client examples cited or described are presented as illustrations of the manner in which some clients have used IBM products and the results they may have achieved. Actual environmental costs and performance characteristics will vary depending on individual client configurations and conditions. Generally expected results cannot be provided as each client's results will depend entirely on the client's systems and services ordered. THE INFORMATION IN THIS DOCUMENT IS PROVIDED "AS IS" WITHOUT ANY WARRANTY, EXPRESS OR IMPLIED, INCLUDING WITHOUT ANY WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND ANY WARRANTY OR CONDITION OF NON-INFRINGEMENT. IBM products are warranted according to the terms and conditions of the agreements under which they are provided.
Statement of Good Security Practices: No IT system or product should be considered completely secure, and no single product, service or security measure can be completely effective in preventing improper use or access. IBM does not warrant that any systems, products or services are immune from, or will make your enterprise immune from, the malicious or illegal conduct of any party.