The recruitment industry is fiercely competitive. Jobseekers and HR departments alike want to work with recruitment providers in new digital ways – making it easy to find, post, and share job information and CVs. A recruitment company’s stock and trade are to store and process personal information on a daily basis – so trust, security and privacy of sensitive information is absolutely paramount.
Our client in this space are currently undergoing a period of massive technical change to enhance the security stance of their enterprise infrastructure – whilst also offering productivity and collaboration gains to end-users.
Through improvements to its security visibility and deployment of Microsoft technologies such as multi-factor authentication (MFA), conditional access (CA), Intune and cloud authentication processes, the firm has re-enforced its position as a leader in digital transformation and security in the recruitment sector.
Our client (who wishes to remain anonymous) is a large recruitment company employing over 7,500 people both remotely and out of their 100+ international offices. The organisation has extensive experience across recruitment, training and consulting, with a presence in over 30 countries across the globe.
This once traditional recruitment and training provider has been on a journey of digital transformation over the last five years, which has brought about some tremendous growth opportunities. With the growth of the Internet and social media as a means for jobseekers to find their dream role, our client has invested heavily in new digital platforms and routes to market.
Our client has a very large online presence in the recruitment sector in over 35 countries across the globe. It offers a website with a huge database of job opportunities that also acts as a customer portal, where they can login, save down CVs, save job searches, update personal details and more.
As a result of its growth and digital presence, the organisation holds and processes vast amounts of personally identifiable information (PII) on its customers. As their CISO stated, “CV sharing is our business, and we need to find the most secure solutions to share this information safely.” As a result, data protection and compliance with new GDPR regulations where extremely important the organisation and the Board.
“CV sharing is our business, and we need to find the most secure solutions to share this information safely.”
With over 7,000 employees spread across 140+ offices (and working remotely), the organisation also had challenges around ensuring they controlled access to this sensitive information – and in a way that promoted collaboration and productivity in the workplace.
As the workforce became more mobile (with employees having increased freedom to work from home / from mobile), this presented the organisation with new challenges around securing devices as well as controlling identities. The organisation was keen to find a solution to secure devices across the entire group.
Finally, with cybercrime on the rise, the organisation was also worried about the risks of any potential breach, as it digitally transformed and moved more and more data from on-premises servers into the Cloud. The security team was concerned about visibility of their security posture, security reporting at Board level, as well as post-breach strategy and incident response plans.
With this renewed focus on security, privacy and compliance, the organisation sought to invest heavily in Microsoft 365 technologies.
Take a proactive and pre-emptive approach to cyber security.
ThirdSpace’s relationship with the client started at our annual Identity and Security Summit held at Microsoft’s UK HQ. The client was starting on a journey to enhance the security stance of their enterprise infrastructure. When Microsoft recommended ThirdSpace as their Gold Partner of choice, the decision was easy.
After careful consideration, the organisation chose to invest in the Enterprise Mobility + Security Suite (EMS) from Microsoft. They also made the decision to maximise the effectiveness of their existing Microsoft licencing by rolling out Office 365 across the group.
ThirdSpace also presented a unique solution offering that was highly valued by the client – The Security and Privacy Current State Assessment. This unique solution helped the organisation understand its current security posture,articulate threats/gaps, and provided clear next steps for remediation, which the Board could easily understand.
The security engagement began with a two-hour onsite workshop where ThirdSpace held detailed conversations and ran assessments to determine the organisations current security posture. The assessments included:
At the end of the assessment stage, we supplied the client with a unique dashboard that highlighted their risk exposure and identified security gaps.
Alongside the dashboard, ThirdSpace also provided a detailed business report prioritising the security gaps and proposing recommended remediation. This detailed report was designed to help articulate security risks and investments at Board level.
“ThirdSpace also presented a unique solution offering that was highly valued by the client – The Security and Privacy Current State Assessment.”
Following on from the Current State Assessment and report, the organisation was then keen to take the security journey to the next stage. We engaged with the client through the delivery of a series of architect-led strategy workshops to define a detailed solution and improvement plan, including:
After the strategy workshops, ThirdSpace then set out on a 12-week project to consult, deploy and embed the following solutions:
ThirdSpace introduced the deployment of Intune into a production environment to create a joined-up pilot including Intune, MFA and CA.
Often referred to as ‘cloud identity’, this activity sought to take authentication requests away from ADFS (federated authentication/identity), and migrate over to Azure AD Connect (managed authentication/synchronised identity), using either password hash sync (PHS) or pass-through authentication (PTA).
This request was important to the organisation as a way to modernise its remote authentication procedures for non-office workers, and to reduce the amount of authentication tokens created daily and save on costs.
ThirdSpace was successful in securing the client onto a ‘private preview’ program with Microsoft and Azure – designed to ease migration capability from ADFS to Azure AD in a staged manner.
As part of the migration to managed authentication project, ThirdSpace also helped to domain-join all the organisation’s Windows 10 devices, allowing easier device management. This ensured that devices were joined to both the on-premises Active Directory and the Azure Active Directory.
This was a key factor in helping the client understand how it could evaluate ‘device trust’ and ‘device ownership’ for use with conditional access – making the authentication process more seamless for the end user.
Throughout the authentication migration project, ThirdSpace worked with the client on the following:
At the time of writing, the client had successfully rolled out MFA/CA and Intune, including the Windows 10 managed devices components globally.
After ThirdSpace’s initial Current State Assessment, follow-on support and strategy workshops, the organisation was in a great position to put in place a lot of the new technologies with their existing team. ThirdSpace were there to support where needed with call-off support days.
The organisation is now looking to roll-out some of the new Office 365 collaboration and security tools over the next 12–18 months.
Next, see how you can get control of the devices within your organisation with our free strategy for devices and mobility.
Our client is a leading recruitment firm with 40+ years of experience and employs over 7,500 people across the globe.
With 141 offices across 36 countries they feature in the FTSE 250 index.
Take a proactive and pre-emptive approach to cyber security.
Send us your questions or feedback.
Friendly folks are standing by!
Eight-time winner of the Microsoft Partner of the Year Award for Identity Management, Enterprise Mobility, and Security and Compliance.
You are seeing this because you are using a browser that is not supported. The ThirdSpace website is built using modern technology and standards. We recommend upgrading your browser with one of the following to properly view our website:Windows
Please note that this is not an exhaustive list of browsers. We also do not intend to recommend a particular manufacturer's browser over another's; only to suggest upgrading to a browser version that is compliant with current standards to give you the best and most secure browsing experience.