M247 has joined forces with tech compliance firm MetaCompliance to ensure it can meet the highest standards of information security, both as an organisation and as a service provider.
M247 is a leading Manchester-based provider of international connectivity and cloud services and has witnessed the evolution of cyber threats over its 20 years in operation. As a major cloud-services provider, the company recognises that while the Cloud has had huge, transformational benefits for organisations, enhancing efficiencies and customer experiences, it has also presented a number of cyber security challenges relating to data breaches and increased regulatory requirements.
These security challenges have led to an increased responsibility for businesses and organisations to implement measures for protecting the personal information they use and store. That prompted M247 to seek the support of cyber security specialist firm MetaCompliance. This new partnership will enable M247 to further improve upon its proactive approach to security and compliance challenges, by helping to enhance their already strong policy management. It will also help the company to establish the boundaries of safe cyber security behaviour for its employees, as well as bringing enhanced security benefits to its many customers.
A driving force behind the partnership was a desire among M247’s management team to strengthen in-house compliance procedures, especially in terms of enhancing policies that ensured international security standards, such as ISO 27001, were being met at every level of the business.
While accepting that businesses and organisations that are found to be non-compliant can face large financial penalties, government sanctions and potential lawsuits, M247 believed it was important to be able to offer increased peace of mind for their many end users and customers. Acknowledging the risks associated with inadequate policy management, they felt the new partnership with MetaCompliance would help them achieve this peace of mind by allowing them to adopt a tool that would enable policies to be ‘automated, auditable, accessible and easily updated’.
M247 Group Information Security Manager Gary Myers said it was important for the company to partner with an organisation that was aligned to the values of ISO 27001 (which specifies the requirements for establishing, implementing, maintaining and improving organisational information management systems) and which could help it transform its approach to policy management and compliance.
‘MetaCompliance has always engaged us to work closely in understanding our requirements and help us to refine this internal service offering,’ he said.
The Cloud environment in which M247 operates means businesses and organisations often have large and complex infrastructures, with vast numbers of end users that present increased risks for businesses. M247 recognised that its in-house policy enforcement had become less defined as the business had continued to grow and departments had expanded. M247 saw a partnership with MetaCompliance as an opportunity to refine policies and procedures to ensure a clear audit trail that incorporates all new colleagues and departmental roles, and which can continue to flex as the business grows.
Working with MetaCompliance, who hold the same ISO 27001 level as M247, is a clear demonstration to the commitment in delivering to the international standard for information security. And in providing the highest standards of compliance via approved processes and offering reassurance to its many hundreds of customers around the world.
‘The most tangible change [since we partnered with MetaCompliance] has been the ability to actually quantify attestation from our user base,’ said Mr Myers.
‘This has been invaluable not only to put our own minds at ease that our policies are being read and our training completed, but also provides evidence for our external auditors that we take information security seriously.’
Since the implementation of the MetaCompliance policy management software, M247 has successfully built a framework for ensuring policy and compliance form a central part of every role across the company. Policies are now conveyed clearly to employees, and compliance requirements are communicated consistently, helping create a culture of compliance throughout the business.
By partnering with MetaCompliance, M247 is reinforcing its commitment to meeting the highest international standards of compliance. The strength of this new working relationship will ensure M247 can evidence staff understanding of policies and procedures, as well as target relevant policies towards the right people, in the right place, and at the right time. With this deeper, company-wide understanding of the challenges and an ability to monitor and manage key policies, the compliance culture at M247 has never been stronger.