Shirley Finnerty
Former M365 Lead
As ISO 27001 certification is the gold standard internationally for information security management and GDPR compliance, it takes time, investment and collaboration with domain experts to achieve it.
“ISO 27001 is the certification road you go on,” explains Stephen Quinn, ICT specialist at Crowleys DFK. “The starting point is device safety, and mobile device and application management.”
This is the road you go on. The starting point is device safety, and mobile device and application management.
For Crowleys DFK, the natural choice to handle these business-critical concerns was to work with Microsoft Gold Security Partner & MISA member, CWSI, to implement Microsoft Intune, which is part of Microsoft Endpoint Manager. “We’re a Microsoft house, so it made sense for us to leverage those tools. For example, we rolled out Teams, which was a big change for an accountancy organisation.”
As the firm provides vital tax, audit, financial advisory and business consulting services to both public and private sector clients, a high level of trust is crucial for its client relationships. Clients who share confidential information need to be completely confident that Crowleys DFK can safeguard it.
“It’s really important for us to enable that collaborative work environment securely,” says Stephen. “We don’t have any appetite for risk. Security must be the primary focus of everything we do.”
“Clients trust us when they give us access to their data. We must carry out due diligence on any tools we use to allow us to work securely and in a remote environment.”
With Intune in place, Crowleys DFK could secure devices and manage applications so that its employees could access confidential information on their mobile devices. “We gained a ‘single pane of glass view’ and a zero trust environment, really giving us the enhanced visibility and security we needed,” adds Stephen.
To ensure its Intune rollout was finely calibrated for both its security and remote working needs, Crowleys DFK required an expert partner and chose to work with Gold Microsoft Security Partners and security experts, CWSI.
“They were our preferred option as they have the expertise and the knowledge in this area,” says Stephen.
CWSI already has ISO 27001 certification. Knowing it had achieved this benchmark was reassuring in itself to Crowleys DFK, as was the knowledge it could work collaboratively with CWSI.
Crowleys DFK and CWSI worked together to develop a roadmap for a three-phase project, with the Intune implementation as phase 1. It also enabled the firm to unlock other possibilities involving cloud and SaaS applications as it sought to move away from the on-premise environment.
An immediate benefit to Crowleys DFK was the ability Intune gave it to centrally manage updates and apps on all devices, ensuring a consistent company-wide approach.
Stephen and his colleagues can now make changes in one fell swoop rather than having to call each remotely working employee individually.
Richard Kavanagh from CWSI agrees that partnership is the key to success in these implementations. “We don’t just give clients a solution,” he says. “We look at their roadmap and where we can help them on their journey.
“Not all SMEs were looking at digital transformation or a hybrid working environment before the pandemic, but now they must. We’ve all spent the last 20 or 30 years making sure that laptops are secure and compliant, but now you should be able to do exactly the same things on your mobile device as your laptop, so those devices need to be secure,” he adds.
“Now you should be able to do exactly the same things on your mobile device as your laptop, so devices need to be secure”
Confident in their device and application security, Crowleys DFK is now looking ahead to the next phase of its journey to ISO 27001 certification, which will involve implementing Defender for Office365 with Office Advanced Threat Protection and Identity Management with Azure Active Directory.
If you’d like to find out more about the security solutions CWSI provides, or take a FREE Modern Remote Working Security Assessment, visit: Fast Check | CWSI
Security Considerations for a Hybrid Working Environment
Over the past 20 months, we’ve seen significant changes in the cyber security threat landscape that are having a major impact on organisations of every size in every sector. The frequency and sophistication of cyber events have increased significantly. Unfortunately, this has security implications, which need to be closely managed to mitigate the risks across the organisation. Microsoft recently released […]
Des Ryan
Solutions Director
