How A-Core Concrete sets a solid foundation for preemptive security

A special breed of company — even though it has a relatively small number of employees — does very big jobs with those lean and often distributed workforces.

A perfect example of such a concentrated and efficient business is A-Core Concrete Specialists, which builds large and complex structures across the Western United States.

When it comes to managing IT, the lean-and-mean mantra also holds true. The jack-of-all-trades requirements means that the IT leadership of it is often the head of security.

As a prime example, that’s another way that A-Core Concrete shines.

Today’s BriefingsDirect security innovations discussion examines how A-Core Concrete has created a security culture that relies on centralized administration, proactive insights, and rapid remediation to successfully assure that the whole company operates at peak performance.

Here to share the story of how to best balance resilient security with the efficient use of human capital and resources is Andy Black, Chief Information Officer (CIO) at A-Core Concrete Specialists Inc., in Salt Lake City. The discussion is moderated by Dana Gardner, Principal Analyst at Interarbor Solutions.

Here are some excerpts:

Gardner: How does your management and IT approach allow A-Core Concrete to best meet its security objectives?

Black: A-Core Concrete operates in seven different states within the Western United States. We have 13 offices throughout the Western U.S., and our main corporate headquarters is in Salt Lake City, Utah.

From there, we run the majority of the businesses. Each division operates independently. There are some that operate branch sites in various states and others where we don’t actually have offices. So, we need to provide a lot of remote capabilities and access to IT at all of these various locations.

When I came aboard several years ago, I determined the best answer was not to have a central data center where all of our servers and applications were housed. That just made it more complex for every one of those locations to gain access to the main facility. Because we also were growing rapidly, I needed the ability to expand the business quickly and plug in a new location really fast.

If I had to establish a direct virtual private network (VPN) connection back to our main data center at the main corporate headquarters, it probably wasn’t going to work well. So, instead we decided to migrate all of our servers and the environment to the Microsoft Azure cloud and set up each office location with VPN connections up to that Azure cloud environment.

That’s enabled us to operate lean and more securely. Each office has a secure connection to our primary applications via remote access. And all of our people operating remotely on mobile devices and laptops are also able to gain access to our cloud-based environment.

That’s basically how we’ve configured our IT environment so every physical location — as well as all of our remote workers – can have secure access into all of our cloud-based resources.

Gardner: Andy, we hear so much these days about remote work and whether that’s the right fit for the long-term. Seems to me what’s most important is gaining the flexibility and the agility to be location-independent. You can always get the work done regardless of where the people are.

What were some of the challenges you faced to maintain your security requirements, even with 13 offices – and more remote locations — spread around the country?

Keep clients safe across the Western U.S.

Black: Well, a great example that comes to mind is we are currently working on one of the largest renovation projects in the country, the Church of Jesus Christ of Latter-day Saints temple renovation project in downtown Salt Lake City. That project involves a lot of very intense and technical work. We’re lifting the entire temple off of the ground to install earthquake prevention materials. Within the facility, we’re drilling holes down the sides of the temple. Of course, this is an historic landmark, so we have to retain and protect the facility.

But we’re working on that job site in conjunction with other companies. We are a subcontractor in partnership with the main host organization that is doing a lot of the construction. And so, we have our managers and our administrators working in the other companies’ offices and trailers. And so, we rely on those other companies’ internet connections for the majority of their work and yet our people still need to have access to our main company IT resources.

For them, for example, we have set up a VPN client that they load onto their individual computers, so they can simply rely on that internet connection and still tap into our Microsoft Azure cloud… Read Full Article

By Dana Gardner

Source

Originally posted on February 8, 2023 @ 8:50 pm