How Firesand Helped Eurovine Become (and Stay!) GDPR-Compliant
At a Glance:
- IT recruiter Eurovine approached multiple providers to help it gain GDPR compliance
- Firesand was chosen to design and deploy a complete, compliant cloud data / apps solution
- Firesand enabled Eurovine to attain respected Cyber Essentials Plus compliance status
- Eurovine enjoy all the compliance benefits of a DPO (Data Protection Officer), through Firesand’s DPO as A Service, at much lower cost
- Compliance has enabled Eurovine to preserve key client confidence and enhance productivity How Firesand Helped Eurovine Become (and Stay!) GDPR-Compliant
Eurovine (www.eurovineit.com) is a specialist IT recruitment consultancy that has been supplying skilled technical personnel to leading commercial property and real estate clients in the UK, including FTSE100 organisations, since 2009.
In April 2018, the General Data Protection Regulation (GDPR) imposed strict new requirements on how businesses use and protect personally identifiable data.
Eurovine founder and Director Danny Whelan explains: “We hold thousands of CVs on file. GDPR not only transformed how we would need to store and secure this data in our systems, it meant we had to appoint a Data Protection Officer to oversee compliance, too.”
Both upheavals presented a challenge for Eurovine. The DPO role is complex and requires senior expertise, whilst technical changes that a DPO might deem necessary can be extensive.
“Our problem” says Whelan, “was that we had a long-term strategy to appoint a GDPR and DPO specialist, but hiring a full-time DPO in-house was prohibitively costly. At the same time, non-compliance would damage our credibility with key clients.”
Eurovine turned to Firesand for a solution to its dual challenges: achieving and maintaining compliance, cost-effectively.
- Achieving compliance – Firesand performed a complete information audit to establish where, how, and why personally identifiable data was held, accessed and managed across Eurovine’s business.
- They carried out penetration testing to establish where data could be vulnerable to compromise, and deployed a unified cloud data and apps strategy (bespoke Microsoft Azure framework, Office 365, OneDrive) across all devices, platforms and storage, to prevent it.
- Firesand’s education and training helped Eurovine achieve Cyber Essentials Plus – a Government-backed security accreditation highly regarded by key clients.
- Maintaining compliance – Firesand’s DPO as a Service enabled Eurovine to offset compliance costs by delivering all the expertise that an in-house DPO would, in return for a cost-effective monthly fee, rather than a premium salary bill.
- DPO as a Service constantly monitors, tracks and reports on Eurovine’s privacy capabilities, with Data Loss Prevention (to prevent data from going where it shouldn’t), automatic data retention enforcement (to ensure data is not kept longer than it should be), and Data Subject Request (DSR) / Subject Access Request (SAR) Management (a legal requirement of GDPR).
Outcomes and Results
Whelan says Firesand’s expertise has delivered compliance and increased data security but also maintains it has enhanced the business’s efficiency and reputation , too.
“All data is now secured in the cloud, all devices are encrypted and can be remotely locked and wiped, and Firesand constantly monitor for data issues – just like a good DPO should, but at considerably lower cost!” he remarks.
“But also, I can now work remotely and securely, from any desktop and device, in any location, and see exactly the same screen, data and apps each time. We couldn’t get that kind of productivity uplift when our IT, data and security weren’t unified.”
“Both myself and my fellow director Patricia want to say a massive thank you to all at Firesand for their patience, commitment and dedication in getting us to a position of robust ongoing security and compliance that even a much larger business would be proud of.”
“What Firesand has delivered”, concludes Whelan, “adds credibility to our engagement with key clients, so we’re not just securing our data – we’re securing our revenues, too.”
For more information on how Firesand could help your business, get in touch.