Backto Sustainability Page

Cybersecurity and Data Privacy

Our Objectives

  • Foster a culture of cybersecurity among all employees.
  • Anticipate risks.
  • Implement a zero-trust network architecture strategy (never trust, always verify) in line with our digital transformation roadmap.
  • Follow all GDPR directives and ensure data protection.

2023 Achievements

We made several enhancements to cybersecurity at Eviosys in 2023 and progressed along our digital transformation roadmap. • We rolled out a secure remote desk protocol (RDP) for all third-party access via a fully managed seamless RDP and Secure Shell (SSH) service, providing access without exposure. • The transition of our systems to SD-Wan is 97% complete, in support of our Zero-Trust Network Architecture.

• We strengthened multi-factor authentification (MFA) by establishing additional security steps to gain access to privileged and user accounts, including numbermatching (instead of just an approval notification).

• Business Continuity Management (BCM) and incident response plans across our business (supply chain, cybersecurity, facilities management, and others) were made more robust, in partnership with our insurance providers.

• We strengthened our platform hardening by deploying attack surface reduction and ransomware protection. This works alongside our managed detection and response (MDR) platform by analysing in real-time each script or service call.

• Measures were taken to continue to improve our Email security. The volume of phishing and spam emails received by our hygiene platform are significantly below the industry average.

• We have increased our monitoring and alerting capabilities by developing deep visibility into our platforms. The log types we ingest and work on include EDR, M365, and Firewall & Email.

• We improved our Privileged Account Security by reducing the overall number of privileged roles assigned by favoring the use of service specific roles.