Microsoft Purview

Opticore is an IT Consultancy founded in 2013 to bridge a gap in the market between the major IT services providers and the consultancy market. The London-based organization employs around 75 permanent network engineers, across various disciplines, investing heavily in their training and development. Offering vendor-neutral services including design, implementation and audit work, Opticore’s portfolio and experience includes clients in the banking, media, insurance, healthcare and telecommunications sectors.

The Challenge

Driven by client requests and questions around its security profile, Opticore wanted to gain a competitive advantage by demonstrating it has the right compliance and cyber security practices in place. The company embarked on achieving internationally recognized ISO certification for information security (ISO 27001) in October 2019.

“Over the past three years we have grown rapidly as a business. We wanted to put the structures in place to enable us to get to the next level of growth. As an organization that prides itself on our quality of service, ISO certification provides a stamp of excellence which opens doors to new clients,“ explained Mike Hord, Opticore Commercial Director.

“Our mission is connecting people and moving data across global corporate networks, so we need to ensure that we walk the walk and everything we do is done securely.”

However, in preparation of the ISO audit and accreditation process, the company identified a lack of in-house resource to dedicate to the task. Bridewell was brought in to assist with the certification and implementation of the frameworks which involves setting objectives and establishes principles for action with regard to information security.

The Solution

Bridewell was brought in as a specialist cyber security and data privacy consultancy that delivers a range of solutions, including support, management and audit services around achieving ISO accreditation.

The Bridewell team worked with Opticore to understand its requirements, what processes were already in place, and exactly what needed to be implemented from a framework point of view.

It used a tried and tested five-phase methodology which started with scope design and planning, moved on to risk assessment and remediation, and then implemented ISMS controls and risk mitigation. The project was rounded off with an evaluation and preparation stage, before certification was awarded in the final phase.

Bridewell was highly flexible in the delivery approach, accommodating Opticore’s changing requirements and timescales.

In an unprecedented move for the industry certification bodies, the start of the pandemic forced the stage one and stage two audits to be conducted online. Bridewell’s flexibility meant that Opticore was even able to accelerate the process at the start of the lockdown as it had more time to devote to the project, which was ultimately completed to schedule in September 2020.

The Results

Opticore is now competing at a level above or alongside its competitors when it comes to demonstrating its security credentials, fortifying its position at the forefront of the industry.

It is now looking to constantly improve its security measures and continues to engage Bridewell as a partner in order to regularly assess its security capability, with the next goal being to achieve Cyber Essentials certification. The process has been a trigger for the organization to formalize and document all of its backend processes.

“We wouldn’t hesitate to recommend Bridewell’s services. The whole project went very smoothly, and we came through the certification with flying colors. Our relationship with Bridewell has been tremendous and it really feels like part of our team now. They guided us gently through the process and always kept us on track.

“Having a sounding board with its security expertise is invaluable, and I can’t speak of Bridewell highly enough,” concluded Hord.

With Opticore’s accreditation, Bridewell upholds its 100% ISO 27001 success rate.