Skip to content

TechWolf’s Journey to SOC2 Compliance

#Google Cloud Platform#Google Workspace#Security

TechWolf's Journey to SOC2 Compliance, granting access only to authorised personnel for Google Workspace and linked SAML applications.

TechWolf – Skills Intelligence Platform

TechWolf, a Belgian-based company with an additional office in the UK, helps enterprises establish an automatic, instant and always up-to-date Skills Intelligence. TechWolf’s Skills Intelligence Platform provides enterprises with a fast track to adopting a skills-based talent model. Its AI technology gives organisations an instant overview of skills and skill gaps across their workforce.
Skills-based organisations (SBOs) need reliable information about people’s evolving competencies. Collecting and maintaining skill data is a struggle for most HR departments, and the results tend to be fragmented and quickly outdated. Let’s take a look at Techwolf’s Journey to SOC2 Compliance.

The Challenge 

Access is no longer limited to your office or your employees. Meaning companies can no longer rely on physical barriers to protect their information or to control who has access to it. Instead, enterprises adopt new security measures to protect their data and to ensure access only by authorised users. BeyondCorp’s context-aware access ensures secure and personalised connections from any device or location, safeguarding corporate resources without compromising accessibility.

Techolf received a proposal for a Google Workspace Mobile Device Management (MDM) and Context-Aware Access Deployment.

The most remarkable result is the fast-paced, spot-on implementation. A project typically takes six weeks from start to finish. Devoteam G Cloud delivered the project in four weeks, including the holiday period.

Robbe Simoens CISSP | Security Officer @ TechWolf

The Goal of the Project

The project helped TechWolf implement robust security policies to ensure that only authorised individuals with the necessary context have access to Google Workspace services and any linked SAML applications. The deployment ran using Devoteam G Cloud’s experience and best practices.

This result will assist TechWolf in attaining its security-based SOC2 certification.

What is SOC2?

SOC2, aka Service Organisation Control Type 2, is a cybersecurity compliance framework developed by the American Institute of Certified Public Accountants (AICPA). The primary purpose of SOC2 is to ensure that third-party service providers store and process client data securely.

The framework specifies criteria to uphold high standards of data security, based on five trust service principles: security, privacy, availability, confidentiality, and processing integrity. TechWolf has started its compliance journey with the Security section, also known as the Common Criteria.

Devoteam G Cloud has deep knowledge of the product and the understanding of the customer requirements.

Robbe Simoens CISSP | Security Officer @ TechWolf

The solution and methodology

TechWolf adopted Google Workspace Mobile Device Management (MDM) and Context-Aware Access to fortify their data security. These solutions empowered TechWolf to safeguard its valuable data, ensuring only authorised individuals could access it.

BeyondCorp’s Context-Aware Access ensures secure and personalised connections from any device or location, safeguarding corporate resources without compromising accessibility.

This deployment consisted of 3 phases:

  • TechWolf started on a comprehensive security journey, spearheaded by a meticulous discovery phase to define the optimal security policies for Mobile Device Management (MDM) and Context-Aware Access.
  • Next, they onboarded a select group of early adopters, subjecting them to the initially designed security policies. By carefully monitoring their experiences, they gathered valuable insights to refine the deployment process.
  • Finally, they orchestrated a Go-Live, transitioning the entire organisation to the newly implemented security policies. This final step equipped all TechWolf employees with the necessary tools to safeguard sensitive data.

In addition to the technical rollout of security features, Devoteam G Cloud provided comprehensive support for end-users throughout the transition. Maintaining clear and transparent communication throughout the process, outlining the rollout plan and addressing any concerns or questions users may have had. Devoteam G Cloud also conducted regular Q&A sessions to address fears and worries related to the security changes.

Devoteam G Cloud brought the right personnel for translating the product to a fit for TechWolf. The appointed consultants were very responsive and available in case of questions or remarks.

Robbe Simoens CISSP | Security Officer @ TechWolf

Techwolf’s Secure Future

TechWolf’s 70 employees now operate within a highly secured environment, their endpoint and mobile access safeguarded by Google Workspace’s Mobile Device Management (MDM) and Context-Aware Access.

With this robust security strategy, TechWolf can rest assured that only authorised individuals can access sensitive data, ensuring its protection and safeguarding corporate resources. This enhanced security posture promotes peace of mind among employees, allowing them to focus on their work without distractions.