How Blancco hardened its global security with SoftwareOne

Unlocking the full value of Microsoft security investments

Blancco is a prominent cybersecurity company specializing in scalable data erasure and IT asset processing solutions for enterprises and industry service providers. With more than 20 global offices across 16 different countries, Blancco operates worldwide with a sophisticated internal cybersecurity posture and a dedicated internal cyber operations team.

However, even for a technically sophisticated organization, the pace of change in Microsoft security tooling, identity protection, and endpoint hardening creates constant pressure to keep up. By partnering with SoftwareOne, Blancco gained a structured, ongoing way to sharpen its Microsoft security environment, reduce administrative complexity, and make more effective use of the capabilities available through its Microsoft E5 licenses.

“We already had a great stack of security tools in our suite of products that we use and deploy,” says Pekka Kinnunen, Information Security Engineer at Blancco. “But there were a lot of fine-tuning opportunities and ways to make things easier for our admins to manage.”

Blancco had standardized security on Microsoft E5 licenses for approximately 350 employees before engaging SoftwareOne. While the licenses provided access to a broad range of advanced security and management capabilities, implementing and managing those tools effectively required specialized expertise and ongoing operational focus.

“We thought we might not be utilizing everything that is available for us from Microsoft," Kinnunen says. “With E5 licenses, Microsoft offers such a big variety of software features and tools. It’s a lot to implement. And of course, when you implement, you want to follow best practices.”

SoftwareOne helped Blancco bridge that gap.

From security tooling to continuous security maturity

SoftwareOne’s Managed Security Posture offering is not a one-time project or a fixed deployment. It is a continuous, advisory-led service built around Microsoft technologies such as Microsoft 365, Microsoft Entra, Microsoft Defender, and Intune. The model is designed for organizations that want to strengthen their workplace IT environment across identities, email, endpoints, and applications, while retaining control over final decisions and rollout timing.

“We kicked off in November 2025,” says Kinnunen. “We basically gave SoftwareOne access to our environment and let them take a look at what we had implemented, what they could improve upon, and what recommendations they had.”

From there, the engagement evolved into a structured, continuous improvement program. SoftwareOne and Blancco established a cadence of quarterly strategic reviews combined with regular technical working sessions and biweekly implementation calls. “We look at our maturity every quarter,” Kinnunen says. “During those quarterly calls, we set up the things we want to improve upon.”

One of the earliest initiatives involved modernizing email security policies within Microsoft Exchange Online.

Previously, Blancco had managed numerous custom rules internally, which increased administrative overhead and complexity.

“We might have multiple rules for the same things, and then we needed to update multiple rules to make a single change.”

SoftwareOne recommended transitioning toward Microsoft’s standardized security baselines and preset protection policies instead.

“They helped us unify it by implementing baseline policies introduced by Microsoft,” Kinnunen explains. “That lessens the admin overhead because admins don’t need to jump between different rules to make changes.”

The same principle was later extended to endpoint security using Microsoft Intune.

SoftwareOne also advised Blancco on deployment best practices, including staged rollouts using pilot groups and ring-based deployment strategies to minimize operational risk.

SoftwareOne tracks progress through a maturity model that breaks security improvement into manageable steps. Blancco uses that structure to assess where it stands across three main pillars: identity, application, and endpoint security. “We review this progress quarterly, as I said, and set a priority area for each cycle,” Kinnunen says.

“We have a list of controls that we want to implement,” he continues, “and when we implement those controls, our security score rises on each of those three pillars. This gives me actual datapoints to report to my managers.”

The maturity model helps Blancco focus on the fundamentals first. Conditional access, blocking risky login methods, standardizing email protection, and hardening Windows endpoints all fit into a phased roadmap that emphasizes practical gains. Kinnunen describes the quarterly process as a way to work toward a security score that reflects the right balance between protection and usability.

That balance matters because the strongest security setting is not always the best one. Kinnunen notes that pushing controls too far can make the environment cumbersome for end users. SoftwareOne helps Blancco find the “sweet spot” where improved protection still supports efficient work.