“Operating in the construction sector introduces additional vulnerabilities,” says Kevin Dreyer, I.T. Director and Chief Information Security Officer at Maple Reinders Group. “Because we cooperate a lot with third-party vendors, contractors, and subcontractors, we have a signifi- cant number of potential entry points that expose us to attackers.” This system underscores the importance of safeguarding against threats like ransomware and phishing, prompting the company to focus on prevention and improve its cybersecurity stance.
Lateral Visibility in a Remote Setting
Maple Reinders main challenge was ensuring comprehensive, cost-effective visibility and threat response across scattered locations. The organization had relied on an expensive solution whose price significantly increased with every additional module needed—some- times at 50% to 100%. Additionally, while the system handled endpoint-specific incidents effectively, it didn’t provide the full picture of what was happening across multiple machines.
“If a malicious activity on one compromised device attempted to move laterally to an- other, the previous solution wouldn’t flag it unless it showed up on the second device,” Dreyer says. “The lack of lateral movement visibility was a major concern for us, as it left potential gaps in identifying broader attack patterns.” This led to an unsettling feeling of uncertainty and a persistent sense of vulnerability, as he was unable to investigate and address suspicious network behaviors.
When looking for a better solution, Dreyer consulted several third parties, and the over- whelming consensus was that SentinelOne offered superior coverage at a comparable price point. “’SentinelOne is the future of endpoint security’—I vividly recall receiving this advice during a casual moment, which solidified my decision to transition to SentinelOne. I was assured that the solution aligned with our modern security needs and strategies.”
Improved Security Despite Disconnections
Maple Reinders rolled out the SentinelOne Singularity Platform as a cornerstone of its security strategy to protect hundreds of endpoints, many of them remote. The platform integrates advanced Endpoint Detection and Response (EDR) capabilities with automated threat detection and automatic remediation, offering robust protection for laptops and other devices. “One essential benefit is that we can secure endpoints even when devices are disconnected from the internet—unlike other solutions that rely heavily on cloud connectivity. Alerts and updates are synchronized once connectivity is restored. This reliability is critical for our remote job sites, where internet access can be intermittent,” Dreyer says.
SentinelOne has had an enormous impact on how the company manages remote sites securely. When IT administrators detect a high-severity alert, they can immediately isolate the affected device, preventing any threat from spreading across the company’s network. This process can be executed remotely, whether the device is located on a construction site, in a remote office, or even in an area with limited connectivity. Dreyer’s team can also triage the issue by running scripts or using remote control tools to assess and remediate threats without endangering other endpoints.
“Securing devices that are not joined to the company’s primary domain is an additional benefit,” Dreyer says. “For example, we intentionally leave some machines off our domain, such as remote computers used for tasks like playing videos or accessing shared video- conference accounts. Even without Active Directory integration, these devices remain secure and patched by SentinelOne. This ensures they pose no security risk, as we can monitor their activity and remotely lock them if they are misused or lost.”
Advanced Correlation for Operational Integrity
To bolster its cybersecurity stance, Maple Reinders also deployed SentinelOne Singularity Data Lake. The solution aggregates, correlates, and analyzes telemetry data from a wide variety of sources—endpoints, cloud workloads, and network devices. With the system, Dreyer has increased visibility and security across Maple’s distributed worksites. He can also detect and address potential threats, such as unauthorized USB usage or malware on field devices, ensuring the safety of sensitive project data. By consolidating logs and telemetry into a single platform, his team simplifies monitoring through a unified view of security across all locations.
“With the Singularity Platform, we quickly query logs to investigate anomalies or breaches, such as suspicious device activity, to reduce downtime and mitigate risks,” Dreyer says. “Its advanced correlation capabilities provide clear audit trails, which is particularly valuable for us to safeguard Maple’s operational integrity and align with regulatory requirements in construction and infrastructure projects.”
Improved, Cost-Effective Management
With SentinelOne, Maple Reinders has been able to maintain robust security while keeping IT staffing levels unchanged and avoiding extra costs for eight years. “With automation and effective security management, we don’t need to hire additional specialists or look for more senior analysts,” Dreyer says.
Looking to the future, the company is considering implementing SentinelOne Purple AI, an artificial intelligence (AI)- powered security solution. According to Dreyer, this will be “a game-changer in simplifying complex data analysis. It could enable quick answers to detailed queries, improving reporting to executives, the board, and end users.”
SentinelOne played a crucial role in Maple Reinders’ early 2024 designation as one of Canada’s Best Managed Companies. “All the automated capabilities of SentinelOne allow our staff to prioritize critical issues without sacrificing work-life balance,” Dreyer says. “This efficiency contributes to this recognition, as we can enhance employee well-being and operational resilience for a more connected and satisfied workforce.”
