Contact us

Sending Email...

Valid input required
Valid input required
Valid input required
Valid input required
Valid input required

IT-SECURITY

Constant monitoring and an open culture help us prevent security threats


Recent years have seen a rise in threats to corporate IT environments, creating new demands for understanding, preparing and regularly updating protective measures.

“It’s traditionally been deemed sufficient for computers to have a firewall and antivirus software, but that doesn’t get you far these days,” says Jonas Tillberg, Global Head of IT for the Nolato Group. 

 

Stronger capabilities

So Nolato now has protection in place that entails a high degree of automation, constantly examining suspicious activity in our computers and network. “Our global SOC (Security Operations Center) works around the clock identifying and eliminating threats in and to our IT environment,” explains Jonas Tillberg. Firewalls remain a vital tool. They can still manage the basics of controlling the flow of traffic between different networks and allow or block specific types of traffic. This is done based on predefined rules. 

“But what’s different now is their ability to identify, monitor and filter traffic at a deeper level,” notes Jonas Tillberg. “This enables the analysis of the content of the data being transmitted over networks and stops attempted breaches in real time.”

Another security measure entails dividing networks into different segments to reduce the potential attack surface. This makes each segment a separate unit containing a group of units that can communicate with each other within the segment, but not ­necessarily with units in other segments.

“The purpose of network segmentation is to create safety zones within the network, which limits the spread of potential threats and attacks,” explains Jonas Tillberg. “If a segment is affected by malicious code or an attacked unit, the rest of the network is isolated and can’t be damaged by the same threat.”

Phishing a human risk

“But it’s not all about technology; the people using the computers also need to understand the risks associated with things like phishing,” notes Jonas Tillberg. “In many cases, phishing is now a more troubling risk for companies than purely ­technical attacks, as phishing is based on the ­manipulation of people.” 

An example of phishing is a fraudster using sophisticated email messages to obtain an employee’s username and password to facilitate entry into IT systems and carry out attacks inside the firewalls. But these messages may also entail the fraudster pretending to be a senior executive ordering the worker to pay large sums of money into an account. 
“These emails are often convincing, with the correct sender and well-written, credible content,” notes Jonas Tillberg.

Simulation improves knowledge

“To raise awareness among our employees of this type of crime, we use simulations, in which we create realistic scenarios of fraudulent emails,” says Jonas Tillberg. “These messages are similar to those sent by cybercriminals, and employees are encouraged to recognize and report them.” 

Following the simulation, employees receive immediate feedback and access to relevant training material to improve their knowledge. This helps develop a better understanding and greater vigilance of the methods that criminals use.

Open culture allows us to act quickly

Along with the simulations, regular training is also provided to increase awareness of current IT security threats. This offers employees an insight into methods in order to prevent them, and into the best way to protect the company’s, customers’ and their own personal data.

“We encourage our employees around the world to create an open communication culture and welcome the reporting of suspicious activity and potential security risks,” concludes Jonas Tillberg. “This allows us to act quickly in the event of any incidents and prevent serious security threats.”

 

  • Nolato

Case study

Vulnerability management

An interview with Nolato's US based IT Manager Dustin Tabor for a case study on Holm Security’s vulnerability management platform which we use at Nolato to improve help protect our network.

“Vulnerability management is imperative as it allows us to minimize risk which translates into our ability to execute and deliver for our customers”, says Dustin.

You might also be Interested in

STORIES

Nolato’s strategic transformation

Nolato has developed significantly over the past decade and is now a global group, in which all three business areas have a strong presence on three continents and a wide array of successful global companies as customers. Although the foundations for this were laid over 80 years ago, it was a strategic decision around 10 years ago that was key to the evolution that has led to the Nolato we know today.

STORIES

Smart combination of local and global

Any company working with Nolato has access to a vast and varied offering as part of a smart combination of close, local partnerships and the global Group's expertise and resources across the three continents.

STORIES

We are responsible for our environmental footprint

Sustainable development has long been a top priority for Nolato. It’s a natural part of our corporate culture and something that is deeply rooted in the company. Now we are setting absolute targets according to SBTi.