Research Hub > A Small Manufacturer Modernized Endpoint Security With Managed Services

June 11, 2026

Case Study
9 min

A Small Manufacturer Modernized Endpoint Security With Managed Services

CDW managed services offering aimed at small businesses helped the company add enterprise-grade security without expanding its IT team.

Wylie Wong

A small building materials manufacturer recently needed to bolster its cybersecurity posture in two ways. 

First, it wanted to replace its existing endpoint security tool with a Microsoft security solution that would fit its broader Microsoft environment. Second, the company faced a more difficult issue: With a seven-person IT team, it didn’t have the staff for 24/7 security monitoring and response, and its existing managed services provider (MSP) wasn’t meeting its needs. 

The previous MSP did not offer specific service level agreements or clear commitments for remediation and reporting. The small business also did not have direct control over its own Microsoft tenant, which slowed daily operations. For instance, IT depended on the MSP to add more Microsoft licenses for new hires, which took days (sometimes weeks) for a response.

“They were acting as a managed security service provider (MSSP) without actually providing the security,” says Jake Schreiber, a cybersecurity adviser at CDW. 

The manufacturer wanted to standardize its endpoint detection and response (EDR) capabilities on Microsoft Defender. It also needed a new managed detection and response (MDR) service to provide continuous monitoring and threat response. And it wanted better visibility and control of its own environment.

To meet those needs, the small company sought CDW’s help to deploy Microsoft Defender for Endpoint Plan 2 within Microsoft E5 licenses and to sign up for a managed security service to monitor its environment around the clock.

“They can go to sleep on Friday night and not worry that there’s going to be a breach because they know CDW is going to take care of security for them,” says Alicia Meyer Dykstra, a small business account manager at CDW.

Standardizing on Microsoft Defender

This past winter, when Dykstra inherited the small manufacturer as a client and met its IT leadership for the first time, what began as a casual conversation about CDW’s capabilities became an impromptu, full-blown executive briefing as she walked the customer through CDW’s offerings in detail.

The IT leaders liked what they heard. Afterward, they shared with Dykstra the company’s planned IT projects for the upcoming year. 

“They gave me a long list of projects that they had for the year, which gave me the green light to get to work,” she says.

First on the list was endpoint security. The manufacturer has federal contracts that require a baseline level of security. But like many small businesses, its lean IT team needed outside expertise to defend against increasingly sophisticated threats, from ransomware and phishing to credential-based attacks. Dykstra brought in Schreiber to lead the security conversation.

The small business had the critical tools in place, including an existing EDR product, a next-generation firewall and a phishing simulation and security training service. But it wanted to change its EDR to Microsoft Defender for Endpoint Plan 2 as part of a broader move to upgrade to Microsoft E5 licensing.

Plan 2 is Microsoft’s upgraded tier of endpoint protection, adding EDR, automated investigation and remediation, threat and vulnerability management, threat intelligence, and sandboxing. 

Replacing the previous EDR was not a technology decision because the platform wasn’t doing its job, Schreiber says. Moving to Defender and upgrading licensing is a smarter use of resources because the company gains access to more Microsoft applications and security tools, he adds. 

“They’re going to get so much more out of the E5 package than they could get with any other endpoint security solution,” Schreiber says. 

The manufacturer is predominantly a Windows-based organization, from PCs and warehouse systems to server infrastructure. It purchased the E5 licensing from CDW and installed Defender in January 2026, securing its computers and servers. 

With E5 licensing, the company now has access to additional security capabilities it can deploy over time, including cloud app security, Microsoft Purview data loss prevention (DLP) and Microsoft Defender for Office 365, which protects against ransomware, email phishing and other threats. 

“As the dust settles, that’s definitely a path that we can take with them,” Schreiber says. “We don’t want to overwhelm a customer by any means. But those are areas of growth. Needless to say, in terms of software, it gives them 80% to 90% of what they need on a daily basis.” 

As part of the E5 license, CDW is providing its own Inscape phishing simulation and security training service, allowing the company to drop the stand-alone training subscription it had been paying for separately, Dykstra says.

3 Stages of CDW's Managed Security Approach

CDW Cybersecurity Adviser Jake Schreiber describes the company's managed security service for small businesses as a three-part delivery model:

Icon

Observation. The CDW managed services team continuously monitors a customer’s security telemetry, detects threats and ingests alerts around the clock.

Icon

Operation. The team triages alerts and investigates, performs incident response and contains any issues found. The team also fine-tunes security policies to improve detection and escalates issues with vendors when needed.

Icon

Optimization. The team proactively hunts for threats, works to reduce false positives and to strengthen the overall security posture, along with reporting and governance.

3 Stages of CDW's Managed Security Approach

CDW Cybersecurity Adviser Jake Schreiber describes the company's managed security service for small businesses as a three-part delivery model:

Icon

Observation. The CDW managed services team continuously monitors a customer’s security telemetry, detects threats and ingests alerts around the clock.

Icon

Operation. The team triages alerts and investigates, performs incident response and contains any issues found. The team also fine-tunes security policies to improve detection and escalates issues with vendors when needed.

Icon

Optimization. The team proactively hunts for threats, works to reduce false positives and to strengthen the overall security posture, along with reporting and governance.

Finding the Right Managed Services Partner

With Microsoft Defender installed, the search was on for an MSP that met the manufacturer’s needs. 

“They relied on endpoint protection, but they really lacked the staff to monitor it, to tune it and respond appropriately around the clock," Schreiber says. “What they wanted to do was address the need for 24/7 monitoring and response and avoid tool sprawl.”

In meetings with CDW, the company’s IT leaders laid out three key requirements: They wanted to use Defender as their EDR; they wanted to co-manage the solution to maintain security visibility, administrative rights and control; and they didn’t want to get locked into a long-term contract.

CDW is vendor-neutral and partners with many security vendors to meet customers’ unique requirements. Schreiber recommended a managed security service that CDW recently launched specifically for small business customers. The offering provides 24/7 monitoring, alert investigation and reporting, and it works on top of security tools a customer already owns. 

The manufacturer’s IT leaders agreed it was the right solution and signed up for incident response as an add-on.

The service is designed so small organizations can get enterprise-grade managed security at an affordable price, without necessarily having to adopt an entirely new endpoint security stack. The manufacturing company went live with CDW’s MSSP in spring 2026. 

The contract terms also fit the customer’s needs. Many MDR providers operate what Schreiber calls "black box" services, in which the provider owns all decisions, the customer has limited visibility into its own environment, and contracts last for three years.

Some customers want that, but not this manufacturing company. CDW’s MSP has the flexibility the customer wanted. Now, the manufacturer has administrative access to its Microsoft tenant and full visibility. CDW's MSSP team handles continuous monitoring, behavioral threat detection, incident triage, device quarantine and remediation. The contract is for one year, then month-to-month afterward, rather than the three-year commitments common in the industry. 

“I don't know too many service contractors willing to do that,” Schreiber says. 

During the sales process, Schreiber and Dykstra introduced the customer to the CDW team that would deliver the service. By the proposal closeout meeting, the customer's IT leaders had met the CDW MSSP team several times and felt comfortable with how the deployment would work. 

“It definitely seems like a team situation, a partnership instead of a service that's being performed,” Dykstra says.

The partnership has also streamlined operations. When the manufacturer hires new employees, its IT staff can now add Microsoft licenses through CDW's customer portal rather than wait for a third-party provider to act. 

The company’s IT team also meets with the CDW MSSP team weekly to troubleshoot together. “So many security providers say they want to be an extension of your IT team. But with this service, it really is,” Dykstra says.

31%

The percentage of the managed services provider market that is now spent on managed security services, the largest of any service segment

Source: Business Research Insights, Managed Services Providers (MSP) Market Overview, May 2026

“They can go to sleep on Friday night and not worry that there’s going to be a breach because they know CDW is going to take care of security for them.”

— Alicia Meyer Dykstra, Small Business Account Manager, CDW

Maturing a Cybersecurity Program With SIEM, DLP and More

The manufacturer can add capabilities as its security needs evolve. In fact, the company recently faced a sensitive internal matter involving a suspected insider threat and asked CDW for help. 

A current employee was suspected of leaking proprietary information to an ex-employee who now works for a competitor. The company sent the computer to CDW’s digital forensics and incident response team that is separate from the MSP service, Dykstra says. 

“Because we had already built this partnership, it was a no-brainer for them to reach out to us for this other project,” she says. “It was an emergency. They were able to send the computer in, and our team is doing the forensics.”

Dykstra joins the customer's weekly calls with CDW's managed services team, and the customer’s IT leadership now brings her each new project first, including a SharePoint integration, a planned virtualization and discussions about adding CDW's Smart Hands services to provide tech support for the manufacturer's locations across the U.S.

The company is also considering adding more security capabilities in the future, such as a security information and event management platform, DLP through Microsoft Purview, and VPN as a Service for secure connectivity to remote sites, many of which CDW’s managed security services team can help monitor and manage. 

Because several of those capabilities are available through its E5 license, the customer can adopt them without significantly expanding its overall tool footprint, Schreiber says. 

As a whole, the project delivers what the manufacturer's leadership and financial stakeholders wanted most: risk management and efficiency, reducing cyber risk while getting more value from the security investments the company has already made.

Wylie Wong

CDW contributor

view more work Arrow Right
Wylie Wong is a freelance journalist who specializes in business, technology and sports. He is a regular contributor to the CDW family of technology magazines.
view more work Arrow Right