ODC is an IT services and consulting company based in northern France supporting small businesses, SMEs in the Côte d’Opale region for over 30 years. With 40 employees, the firm manages a portfolio of some 400 businesses in industry, retail, logistics, health and accounting, as well as local authorities. ODC has established itself as a strategic partner for companies looking to shape and manage their IT strategy. Their expertise covers three key areas: IT infrastructure, business management solutions, and payroll/HRIS systems. This positioning is backed by trusted industry certifications such as ExpertCyber, OVHcloud Partner status, and credentials from ANSSI.
In recent years, ODC has helped countless organizations migrate to the cloud, freeing themselves from infrastructure that is all too often complicated to maintain, scale and secure. Today, the company operates a fleet of nearly 700 mostly Windows-based virtual machines, but decided to outsource operations and security.
So, who did ODC turn to? Rudder, of course, and its security and compliance automation solution. Head of Cloud & Cybersecurity at ODC, Adrien Leroy, tells us more.
Rudder: the answer to automation needs
ODC’s teams manage a large fleet of Windows machines, spread across different client environments. “We used to spend a great deal of time updating virtual machines and carrying out compliance checks, so we were in dire need of automation.”
In fact, ODC previously ran updates manually, client by client, significantly restricting the number they could cover within the timeframe:
“We used to run updates once a month. It took a whole day just to update machines for 4 to 5 customers. The updates were installed manually, then we had to wait for the machines to restart and, finally, we had to carry out checks.”
The need for automation was also part of a broader hardening and compliance drive. Security audits were carried out on the spot, once or twice a year for some clients, all depending on staff availability. “There just wasn’t enough time, because systems have a natural tendency to drift.”
ODC sought a solution that could integrate these compliance checks into a continuous, more responsive, and traceable process. “Ultimately, we wanted to manage compliance practically day by day, not wait every two or three months. ”
Proper patch management strategy ‒ thanks to Rudder
“Before Rudder, we were patching machines as best as we could, but without standardizing processes.” Now, ODC teams have a true strategy in place, with Patch and Vulnerability Management, which includes:
- a monthly update campaign, run on the last Thursday of the month;
- scheduled automatic updates for simple patches – no more manual reboots overnight;
- a dashboard that tracks updates – for a single overview of actions in progress and the results of patch campaigns.
The results speak for themselves: deadlines are met, there are fewer surprises, less manual work is needed, and audits are generated without the stress. Patch management no longer relies on the team’s memory, goodwill, or availability, but on a clear, visible strategy with everyone on board.
Rudder ensures compliance
On top of a patch management solution, ODC also uses Security Configuration Management to continuously monitor machines’ hardening status. Notably, they use Rudder in Audit mode to identify cases of drift, without automatic remediation. “Most of the time, remediation is carried out manually, except when it’s just a case of restarting a service, for example.”
ODC has set itself a compliance target of over 90% on all security rules defined and enforced by Rudder. “When a gap crops up, it is identified and processed before it impacts production.”
Rudder’s solution has found its way to the heart of ODC’s operations, and teams now check the dashboard every single day. If the compliance rate drops, they can step in and take action right away.
More efficiency and more reliability
One of Rudder’s first major impacts for teams at ODC saved them time by eliminating most manual patch management tasks. Patch management is no longer a case of doing the same thing over and over again, with minimal value. “Now, teams are more confident in checking that everything still works after a patch is applied. Because when you do things manually, you run the risk of human error. A tool can’t get it wrong.”
Thanks to Rudder, ODC has streamlined its update campaigns. Now they are easily scheduled, automated, and tracked through a dashboard. Reliability has rocketed, but it has also brought clarity, which makes a world of difference when it comes to auditing the machines.
Last but not least, Rudder has improved operational transparency ‒ a huge advantage in multi-client management. “We can see who installed the updates and who applied the patches. Rudder just makes life easier, but it also boosts the overall quality of our service and our reputation with our customers.”
