What Optimal Risk Group Achieved with Egnyte:
- Drove new business by providing peace of mind to security-focused clients
- Accelerated progress toward ISO 27001 compliance
- Made internal file storage and access more efficient
“If you’re worried about any kind of cyberattack, or file backups, or migrating to the cloud, or ISO 27001 compliance, you need to speak to Egnyte right away.”
Director • Optimal Risk Group
Optimal Risk Group provides security risk management consulting for some of the world’s most complex and high-profile customer engagements. For example, the London-based provider of tailored risk management services oversees the physical and digital security of clients ranging from banking datacenters, critical national infrastructure, and high-net-worth individuals.
Partnering with Egnyte has empowered Optimal Risk to fulfill their top obligation: providing clients with complete confidence that their sensitive data is protected by smart policies and cybersecurity measures.
Challenge: High-Stakes Security Demands Powerful Technology
When it comes to physical and digital security for Optimal Risk’s clients, the stakes couldn’t be higher. “The organisations we advise include critical national infrastructure that provide vital public services, like processing clean water and transporting natural gas,” explains Mike O’Neill, Group Managing Director at Optimal Risk Group. “What keeps the operators of these assets up at night is the idea of their information being insecurely passed between stakeholders, which could make that information vulnerable to attacks by adversaries ranging from lone threat actors to hostile foreign governments.”
“Some of the other assets we protect are private residences ranging up to $250 million in value,” adds Rick Mounfield, Director at Optimal Risk. “Working with these homeowners involves handling a great deal of personal information, including multiple addresses, businesses, and personal travel details. They rely on us to provide total assurance that this highly sensitive information is secure.”
But the tool the team was using for data security, Microsoft SharePoint, wasn’t providing these critical assurances – neither to Optimal Risk nor to their clients. “We have a dispersed global workforce, which involves a lot of data changing hands,” comments Mounfield. “Our growth has increased the complexity of our projects and with that comes risks through data sprawl. We needed a tool that could keep that data isolated and well-governed, and SharePoint wasn’t fulfilling that need.”
Solution: Strong, Demonstrable Data Protection Through Egnyte
During Optimal Risk’s trial period with Egnyte, Mounfield realized the platform was the powerful cybersecurity solution Optimal Risk was looking for. “It was an easy sell to get Egnyte implemented across the organisation, from our consultancy to our environmental crime enforcement business to our training business,” he says.
The team found it easy to migrate files into Egnyte from SharePoint and to build a unique folder structure that fit their data management workflows. From there, they leveraged a suite of features to keep data well-protected and governed and provide stronger confidence to Optimal Risk’s clients.
- Content Lifecycle policies
The team used Egnyte to set policies for the automatic archival or deletion of sensitive files after specified intervals. As Stephen Haslett, Director of Cyber Investigation and Digital Forensics at Optimal Risk, puts it: “We’re able to confidently tell clients, for example, that certain files will be deleted after 30 days, after which only the client will possess that file. This conveys that the risk of anyone accessing the file through Optimal Risk is essentially nonexistent.”Egnyte also facilitated strong, detailed oversight throughout the content lifecycle. “Every time a folder or file is viewed, clicked, downloaded, or shared, we can see when it happened and who was involved,” Haslett says. With this level of visibility, Optimal Risk’s clients can confirm, easily and at any time, that data has never fallen into the wrong hands.
- Secure access to content
Egnyte’s secure link sharing and granular access permissions management gave the team full control over who could access highly sensitive data. “We can invite specific individuals to specific folders where they can view, download, or upload files, and set policies to prevent others from accessing that folder,” explains O’Neill. Haslett adds: “We can also share individual files with clients through secure, controlled links that only they can access, and that expire after a certain interval.”
- ISO 27001 compliance
With cyberattacks on the rise, firms like Optimal Risk are in jeopardy of losing clients if they don’t comply with ISO 27001, the global standard for information security management. The visibility Egnyte provided into how content was managed, accessed, modified, and exchanged enabled the Optimal Risk team to demonstrate their adherence to ISO 27001. Stuart Crighton, Senior Consultant at Optimal Risk, also recognized the ways Egnyte could be used internally to further strengthen the company’s compliance. “Within Egnyte, I can see exactly who has read a given document that’s necessary for ISO compliance,” Crighton says. “I can also see who hasn’t read it yet, so I can give them a nudge.”
“We showed [potential clients] exactly how, with Egnyte, they could control access to folders, view and download data, and confirm that content was properly deleted at the end of a project... We won the contract soon after.”
Group Managing Director • Optimal Risk Group
Benefits: Stronger Security Drives New Business Growth
Partnering with Egnyte has empowered Optimal Risk to solidify their reputation as a leading security risk management consultancy protecting some of the world’s most high-value assets. “We’re all about authenticity,” says Mounfield. “Other companies make promises that their clients’ data is secure but can’t demonstrate it like we can with Egnyte. When a client asks us to confirm that their data has been removed from all external IT, I can use Egnyte’s governance features to show them exactly who worked on that data and when it was erased.”
The peace of mind Optimal Risk’s clients enjoy has yielded concrete business benefits. O’Neill offers a powerful example: “We recently met with some operators of category-5 critical national infrastructure sites – the highest security level – who were extremely nervous about their security being compromised and data ending up in the wrong hands. We showed them exactly how, with Egnyte, they could control access to folders, view and download data, and confirm that content was properly deleted at the end of a project. When they saw this, we could actually see them become more relaxed. Egnyte made them confident that we were the right company to work with. We won the contract soon after.”
That confidence doesn’t just extend to Optimal Risk’s clients – the internal team feels it as well. Charlie Swanson, Learning and Development Lead, explains the impact Egnyte has had in his department: “We store all our resources in Egnyte. This sounds risky from a security perspective, but Egnyte is such a strong system that we’re confident in storing all our content there. This allows learners to easily access their portfolios from a single, centralized location, with full confidence that it’s protected throughout its lifecycle.”
For the team at Optimal Risk, working with Egnyte is a simple matter of practicing what they preach. As a company whose mission is to strengthen security and manage their clients’ vulnerabilities across sectors, Optimal saw no other choice but to partner with a solution that could deliver what Egnyte offered. As Mounfield puts it: “I always tell our clients, as well as other security professionals, that if you’re worried about any kind of cyberattack, or vulnerability, or file backups, or migrating to the cloud, or ISO 27001 compliance, you need to speak to Egnyte right away.”