MullenLowe Simplifies Compliance Reporting With Egnyte API Integrations
MullenLowe needs to support secure file collaboration across the globe. See how Egnyte has improved the user experience while providing IT with centralized control over document sharing, retention and compliance.
MullenLowe is a marketing and communications firm with offices around the world, including headquarters in London and Boston. It works with some of the biggest brands in retail, life sciences and entertainment, so it needs a secure, easy-to-use platform that supports seamless collaboration.
MullenLowe has relied on Egnyte to fill that need for the past five years. What started as a means to support a small group of users has exploded into near-universal adoption of the cloud-based file system in response to demand across departments. And MullenLowe continues to find creative ways to maximize its use of the platform, as it increasingly relies on Egnyte’s integrations to address compliance requirements.
Challenge: Supporting Modern File Collaboration
Due to the nature of its work, MullenLowe’s users need to collaborate on large numbers of files with a range of clients. At the same time, IT needs to keep the data secure and maintain visibility as various parties interact with those files.
Mark Lewis, Global Infrastructure & Security Director at MullenLowe, and his team looked at a range of options, including Box and Dropbox. They considered Google Drive, and while its security features were solid, they were too cumbersome to manage for his small team. They also looked at Microsoft, but OneDrive didn’t meet the needs of an enterprise file share, Lewis said.
SharePoint, meanwhile, was too clunky and would have required a team of .Net developers, according to Lewis. It was also too easy to share public links and access folders, which could potentially expose client’s data.
“As an IT organisation, we don't have visibility into what's stored on the Google Drives of our users, which makes it difficult to perform data audits. This, along with a lack of granular sharing controls, makes Google the wild west from a security point of view.”
File server replacement is a competitive market, and with some of the biggest names in the industry not meeting the mark, MullenLowe found its solution quite by accident.
"As soon as people started seeing what we could do with Egnyte, it just exploded... Egnyte’s open architecture and APIs allow us to take full advantage of best-in-class cloud solutions. We’re going to do even more of this in the future.”
Global Infrastructure & Security Director, MullenLowe
Solution: An Unexpected Pick that Checks All the Boxes
MullenLowe first deployed Egnyte in 2017 for a small group that needed to replace another vendor’s cloud-based storage and collaboration service. Egnyte ticked all the boxes for the group’s needs, including web access and robust collaboration and security features. It wasn’t intended to be a company-wide file server replacement, but after a successful pilot program, other groups wanted to use it as well, Lewis said.
"As soon as people started seeing what we could do with Egnyte, it just exploded,” Lewis said. “We went from 30 to 400 users in a matter of months.”
The Egnyte rollout started in smaller international offices and soon spread to its larger footprints, including the 1,200-person Boston office. In its London headquarters, MullenLowe opted to move 90 TB of data to Egnyte rather than purchase a new storage area network (SAN). It still keeps some larger creative work on premises for latency reasons, but it’s looking at Egnyte’s Smart Cache as a potential solution there.
Egnyte provides the visibility and security that can’t be found in other platforms, but MullenLowe is taking it a step further by leveraging the platform’s public APIs.
Benefits: Next-Level Compliance and Centralized Control
Today, Egnyte serves as the single source of truth for most of the company’s users, enabling better auditing, automated reporting into its SOC, and centralized visibility for IT.
Lewis pointed to a number of other features that set Egnyte apart, including data retention policies and rollbacks in the event of a ransomware attack or other events that could corrupt important files. They’re also leveraging the enhanced co-editing features for desktop clients working in Microsoft 365, which helps to further improve user collaboration.
MullenLowe is able to easily respond to Data Subject Access Requests (DSARs) and flag data for GDPR and CCPA compliance. And Lewis’s team is starting to incorporate dynamic end-to-end encryption and Secure Delivery, which gives an additional layer of protection for files downloaded via links.
Going forward, Lewis said he’s most excited about several projects that will build conduits from Egnyte to other cloud-based services. These initiatives will take some of the load off IT while improving their overall compliance and security efforts.
For example, MullenLowe is subject to SOX compliance. It’s a process that needs to be repeated continuously, and the company has historically relied on a hodgepodge of reporting techniques. To alleviate these issues and consolidate the process, the dev team is building a compliance tool in AWS that will use Egnyte as the backend. Whenever something is saved, the evidence will move into Egnyte folders for review by the compliance team.
“Egnyte’s open architecture and APIs allow us to take full advantage of best-in-class cloud solutions. We’re going to do even more of this in the future,” Lewis said.
Another project will pull all the information from the Egnyte Public API into a Power BI dashboard. Egnyte collects data that is then analyzed, filtered and prioritized, which is enough for most customers. But the public API exposes the raw data for even deeper analysis and correlation with other systems across the company.
MullenLowe plans to leverage Egnyte to further parse and analyze the data for reports on anomalous activity, permissions, and access across sites and users. That data will be used to analyze file relationships, such as how many people in the Boston office have external file shares.
Lewis and his team conduct biannual reviews of the platform to validate its suitability and security capabilities. They keep coming back to Egnyte because of its centralized control and how it supports auditing. Moreover, it saves his limited staff time and money, especially compared to alternatives that require a team of administrators to manage.
“Egnyte is as close to fire-and-forget as you can be for the system that we have,” he said.
At a Glance
Marketing and communications
(HQ) Boston, USA and London, UK
Sharing and collaboration, data security, compliance and audit, apps and integrations