Cloud improves data security for event security business

In 2020, ResponSec set out to achieve ISO/IEC 27001, an international standard around managing information security. As a global event security services business, obtaining this accreditation would reassure ResponSec’s clients of the safe handling of their data, as well as open up opportunities to new contracts requiring these standards, including those within the public sector.

Unfortunately, ResponSec’s legacy on-premise infrastructure was posing difficulties when obtaining this accreditation, as they were unable to provide substantial evidence that their data was safe from the risks of cyber-crime. Furthermore, ResponSec were finding it challenging to manage internal security policies and devices, as a business that encouraged a BYOD (Bring Your Own Device) culture.

“Before partnering with Virtuoso, we were working on an extremely outdated system with an unreliable server, which on occasion slowed us down and did not meet the needs of our rapidly expanding business.” Owen Blackwood, Operations Manager

Having achieved the ISO/IEC 27001 themselves, Virtuoso were chosen to work alongside ResponSec to ensure their technical set-up met the necessary requirements to achieve this standard. Virtuoso have 10+ years’ experience in IT transformation projects; diminishing costly, unsecure on-premise servers and introducing secure cloud-based solutions is Virtuoso’s forte, which made them a perfect technology partner to modernise ResponSec’s legacy infrastructure.

After conducting a comprehensive review of ResponSec’s IT environment, Virtuoso concluded that they would find value in Microsoft 365 Business. By harnessing this cloud-based suite of products ResponSec would escape the problems that come with on-premise infrastructure and benefit from a more secure and flexible way of working.

Virtuoso began by migrating ResponSec’s email to Outlook and all files to SharePoint. The automated encryption of SharePoint data immediately enhanced ResponSec’s data security, whilst simultaneously centralising their administration, via seamless file and document management. Virtuoso also introduced Microsoft Teams, a platform that would act as ResponSec’s universal hub for cross-departmental communication and collaboration.

“As a business, migrating to Microsoft 365 has enabled us to modernise the way we use information technology, its great for our team members to be able to link and use all their devices in the same way, especially, in a time where flexible working is the new norm. It’s a lot easier pick up where we left off and we’ve been able to remove the use of portable data devices, which if lost cannot be replaced and can possibly cause a serious data breach.” Owen Blackwood, Operations Manager

In an effort to strengthen ResponSec’s overall security posture, Virtuoso upgraded their business owned devices from Windows 7 Pro to 10 Pro, whilst configuring best-in-class security policies that were implemented prior to migration to ensure their business data would be secure throughout the project.

“Virtuoso assisted us with configuring policies that would ensure we achieved the highest level of information security and promoted a culture where the management of information security is now at the core of ResponSec’s business values.” Owen Blackwood, Operations Manager

Despite Microsoft 365 already obtaining extremely high levels of security, Virtuoso took extra measures to ensure the protection of ResponSec’s data. AvePoint Cloud BackUp was integrated to ensure all Microsoft 365 components would be backed up, four times a day. Exploiting the advanced retention policies features within AvePoint, Virtuoso customised ResponSec’s policies to ensure data was securely retained for the appropriate period of time to ensure compliance.

Before migrating data into the Microsoft 365 ecosystem, Virtuoso employed Microsoft Intune, a cloud-based endpoint management tool, to enable conditional access across business and personal devices and to roll-out MFA (multi-factor authentication), which would act as another layer of security for those working remotely or embracing BYOD at ResponSec. As a Microsoft Gold Partner, Virtuoso were able to seamlessly introduce auto-pilot functions to enrol and set-up new Windows devices, making onboarding processes for new starters smoother and more secure.

Managing their new cloud environment and reviewing policies was made easy with the use of Hub 365, Virtuoso’s end-user service platform. ResponSec could access information around policy compliance, licence usage and device health, as well as gain insight into security activity, such as encryption statuses and anti-virus protection. This platform became a valuable resource for ResponSec when gathering information to achieve ISO/IEC 27001.

“With the help from Hub 365, we now have visibility of the status of all our devices, we can see a plethora of information relating to our systems and policies, whether it be a failed update, a data breach, or an encryption issue. Additionally, the team find it easy to raise and log any IT issues with the support team.” Owen Blackwood, Operations Manager