By completing the first phase of its journey to ISO 27001 certification with a Microsoft Intune implementation, leading Irish firm of chartered accountants and tax advisors, Crowleys DFK can reassure its clients of exceptional data security practices.
As ISO 27001 certification is the gold standard internationally for information security management and GDPR compliance, it takes time, investment and collaboration with domain experts to achieve it.
“ISO 27001 is the certification road you go on,” explains Stephen Quinn, ICT specialist at Crowleys DFK. “The starting point is device safety, and mobile device and application management.”
This is the road you go on. The starting point is device safety, and mobile device and application management.
For Crowleys DFK, the natural choice to handle these business-critical concerns was to work with Microsoft Gold Security Partner & MISA member, CWSI, to implement Microsoft Intune, which is part of Microsoft Endpoint Manager. “We’re a Microsoft house, so it made sense for us to leverage those tools. For example, we rolled out Teams, which was a big change for an accountancy organisation.”
Trust vital to clients
As the firm provides vital tax, audit, financial advisory and business consulting services to both public and private sector clients, a high level of trust is crucial for its client relationships. Clients who share confidential information need to be completely confident that Crowleys DFK can safeguard it.
“It’s really important for us to enable that collaborative work environment securely,” says Stephen. “We don’t have any appetite for risk. Security must be the primary focus of everything we do.”
“Clients trust us when they give us access to their data. We must carry out due diligence on any tools we use to allow us to work securely and in a remote environment.”
With Intune in place, Crowleys DFK could secure devices and manage applications so that its employees could access confidential information on their mobile devices. “We gained a ‘single pane of glass view’ and a zero trust environment, really giving us the enhanced visibility and security we needed,” adds Stephen.
Enabling a successful partner collaboration
To ensure its Intune rollout was finely calibrated for both its security and remote working needs, Crowleys DFK required an expert partner and chose to work with Gold Microsoft Security Partners and security experts, CWSI.
“They were our preferred option as they have the expertise and the knowledge in this area,” says Stephen.
CWSI already has ISO 27001 certification. Knowing it had achieved this benchmark was reassuring in itself to Crowleys DFK, as was the knowledge it could work collaboratively with CWSI.
Crowleys DFK and CWSI worked together to develop a roadmap for a three-phase project, with the Intune implementation as phase 1. It also enabled the firm to unlock other possibilities involving cloud and SaaS applications as it sought to move away from the on-premise environment.
Reliable consistent and improved efficiency
An immediate benefit to Crowleys DFK was the ability Intune gave it to centrally manage updates and apps on all devices, ensuring a consistent company-wide approach.
Stephen and his colleagues can now make changes in one fell swoop rather than having to call each remotely working employee individually.
Working together on the path to ISO 27001
Richard Kavanagh from CWSI agrees that partnership is the key to success in these implementations. “We don’t just give clients a solution,” he says. “We look at their roadmap and where we can help them on their journey.
“Not all SMEs were looking at digital transformation or a hybrid working environment before the pandemic, but now they must. We’ve all spent the last 20 or 30 years making sure that laptops are secure and compliant, but now you should be able to do exactly the same things on your mobile device as your laptop, so those devices need to be secure,” he adds.
“Now you should be able to do exactly the same things on your mobile device as your laptop, so devices need to be secure”
Confident in their device and application security, Crowleys DFK is now looking ahead to the next phase of its journey to ISO 27001 certification, which will involve implementing Defender for Office365 with Office Advanced Threat Protection and Identity Management with Azure Active Directory.
If you’d like to find out more about the security solutions CWSI provides, or take a FREE Modern Remote Working Security Assessment, visit: Fast Check | CWSI