During the corona crisis, Denmark’s leading law firm, Kromann Reumert, had to ensure that its employees – on a day’s notice – would be able to work as effectively in the home workplace as in the office. This requirement made great demands on the IT organisation and security measures when collaboration platforms such as Microsoft Teams and SharePoint Online are being used more in the daily work. However, this is a job that Kromann Reumert has long been ready to do – thanks, in part, to the 2ndC Compliance Suite.
Because of COVID-19, millions of people have been forced to work from home during the spring of 2020. A very special situation, without precedent in recent history – and as you know, special situations place new, difficult demands on organisations’ readiness for change. This applies to both corporate management, employees and the entire organisation’s technological set-up.
This situation has put pressure on IT organisations across the country. Because even though the usual office frameworks have been replaced by working from home, the employees still require the same access to data, applications and systems that they have in the office. Similarly, there are suddenly new demands on the technology platform when the organisation must enable employees to work effectively together – even though they are separated physically.
Working From Home Requires Increased Security
“Almost all our employees have been working from home since March 11, and this has, in fact, not been a problem. Our IT systems and digital tools support working from home, so we have been able to maintain unchanged operations and service levels. In this way, we are able to continue to service our clients and partners, “explains Jacob Brønnum-Schou, IT Manager at Kromann Reumert, Denmark’s leading law firm, and explains further:
“Our IT set-up has always been dimensioned to handle this situation, since we are a flexible and mobile organisation that continuously collaborates across Office 365, especially through Microsoft Teams, SharePoint Online and the rest of the Office 365 suite.”
However, this type of collaboration places high demands on security and not least on good standards for data usage. These are disciplines that are a central focus for Kromann Reumert, which is a consultant on GDPR and has, therefore, a strong emphasis on complying with the requirements of secure data handling.
“Data protection and IT security are constantly in focus with us since we are working with confidential information. Safe handling of our clients’ data is equally important whether we work from the office or not. We can do this because we have a 360 degree-approach to our IT architecture, our processes and our data types, ”says Jacob Brønnum-Schou. “For example, Teams is an effective platform that has proven its worth during the corona crisis, but the use of the platform must align with our business policies and obligations.”
The Organisational IT Groundwork Must Be in Place
The fact that such a large part of the Danish workforce is working from home has meant that many organisations have quickly implemented digital collaboration platforms to maintain productivity while their employees are required to work at home. Unfortunately, when the implementation must take place so quickly, it opens the door for major compliance and security challenges.
However, this has not been a problem for Kromann Reumert.
“We have always had very clear deletion policies, chat communication guidelines, and, importantly, we use the Data Loss Prevention tool across Office 365 so that we don’t share sensitive information internally or externally, “says Jacob Brønnum-Schou. “For example, if you deploy Teams, Skype etc. without first making sure that the policies and guidelines for the organisation’s IT are as they should be, it becomes difficult to maintain data security in one’s business. So the basic system design must be in order. ”
This is precisely why it is also crucial to focus on user and access management – in the office as well as in the home workplace. To that end, Kromann Reumert uses the 2ndC Compliance Suite.
“Compliance Suite has streamlined and automated our user and access management processes. This platform serves as an organisational blueprint for how new technologies – on the rights level – should be implemented. And Compliance Suite also enforces compliance with this blueprint. The platform ensures that nothing gets out of control and that we can always maintain the right framework for both efficiency and security. And that we also can do that when quick execution is critical, ”says Jacob Brønnum-Schou.
A Compliance Cockpit in Times of Crisis – and for the Normal Workday
With the 2ndC Compliance Suite, Kromann Reumert has been given a control panel that gives the organisation a complete overview and control of IT users and their access to systems and data. Through dynamic role and rights management, the law firm can always be sure that no employees inappropriately are placed in digital teams that give them access to data to which they should not have access.
“When implementing new IT platforms to handle data sharing, it is crucial to maintain an overview of who has access to what and why they have access to it. No one should be in collaborative forums where they do not belong or be able to access client data for which they do not have access rights,” says Jacob Brønnum-Schou. “Compliance Suite ensures that we are always certain that all employees have precisely the access rights that they need and only those rights .”
Kromann Reumert has automated a wide range of manual and time-consuming processes related to the administration of users and their access. In addition, the 2ndC Compliance Suite has helped Kromann Reumert connect the business side and the IT setup more closely.
“With Compliance Suite, we have an easy, user-friendly interface that makes it easy to ensure that the precise built-in IT security found in Office 365 is properly configured to match the requirements that our IT department has defined in collaboration with the business, ”says Jacob Brønnum-Schou.
“There are a huge number of IT security functionalities that need to be addressed – especially in Office 365 – but, working together with 2ndC’s consultants, we can focus on making the technology optimally supportive of our business and, not least, focus on achieving better data security,” he adds.
Get the Kromann Reumert case story as a PDF >