Eviosys is now part of Sonoco
Our Objectives
- Foster a culture of cybersecurity among all employees.
- Anticipate risks.
- Implement a zero-trust network architecture strategy (never trust, always verify) in line with our digital transformation roadmap.
- Follow all GDPR directives and ensure data protection.
2023 Achievements
We made several enhancements to cybersecurity at Eviosys in 2023 and progressed along our digital transformation roadmap. • We rolled out a secure remote desk protocol (RDP) for all third-party access via a fully managed seamless RDP and Secure Shell (SSH) service, providing access without exposure. • The transition of our systems to SD-Wan is 97% complete, in support of our Zero-Trust Network Architecture.
• We strengthened multi-factor authentification (MFA) by establishing additional security steps to gain access to privileged and user accounts, including numbermatching (instead of just an approval notification).
• Business Continuity Management (BCM) and incident response plans across our business (supply chain, cybersecurity, facilities management, and others) were made more robust, in partnership with our insurance providers.
• We strengthened our platform hardening by deploying attack surface reduction and ransomware protection. This works alongside our managed detection and response (MDR) platform by analysing in real-time each script or service call.
• Measures were taken to continue to improve our Email security. The volume of phishing and spam emails received by our hygiene platform are significantly below the industry average.
• We have increased our monitoring and alerting capabilities by developing deep visibility into our platforms. The log types we ingest and work on include EDR, M365, and Firewall & Email.
• We improved our Privileged Account Security by reducing the overall number of privileged roles assigned by favoring the use of service specific roles.

Action Plan for 2024
We continue the process of adopting a NIST cybersecurity framework, which is currently in the implementation phase. Our priorities in 2024 include the implementation of a modern identity access management (IAM) platform, capable of integrating third party applications for onboarding and offboarding.
We also plan to deploy further authentification improvements in order to enhance the protection of Eviosys systems, and to continue to improve and modernize the networking standards at our plants. We are working to enable hardware-based isolation of web applications.
We will also meet the required timeframe for finalizing the separation of our systems (platforms and authentification protocols) from those of our Russian subsidiaries. Our employees will continue to benefit from training in the ares of phishing, security-based training, and tailgating among others.