ISO 27001 in action: the Schouten & Nelissen Journey

Schouten & Nelissen University of Applied Sciences (SUAS) offers accredited Master's and Bachelor's programmes, professional training, and coaching for personal and professional growth. In 2020, it was named “Best Educator in the Netherlands.” SUAS provides training in leadership, personal effectiveness, and vitality, for both individuals and organisations in the Netherlands and internationally. For companies, it creates tailored programmes, including surveys and assessments. Committed to being a reliable international partner, SUAS ensures that data is handled securely and agreements and legislation are respected. Together with PuraSec, the university continuously strengthens its information security.

WHY PURASEC

We were looking for a party that could support us with a revision of the ISMS (Information Security Management System) based on ISO 27001. After an extensive online search, we found the right party to work with. The choice fell on PuraSec, an organization that would fit in well with Schouten & Nelissen by offering a pragmatic process and guiding us with the desired expertise in an accessible way.

INITIAL SITUATION

In order to challenge the organization, SUAS has chosen to work together with an external security officer. After all, fresh eyes compel. In addition, developments in the field of security are moving very quickly. A specialized party gives SUAS the guarantee of always being up to date with the most recent developments. During the process, Schouten & Nelissen purchased various services from PuraSec, including advice and guidance to embed the ISO 27001 principles in our organization. In addition, security expertise was provided for a training session. A pentest was also performed to identify technical vulnerabilities in the systems.

WHY IS INFORMATION SECURITY A HOT TOPIC?

Within IT we ensure good technical protection of data, but we realize that the weakest link is “you and me”. There had to be a realization that made it clear that the weakest link in information security is often the person behind the computer itself and not necessarily the technology. This realization also had to come to life within the organization, but to achieve that we needed a party that helped us launch this in a manageable way in the organization.

Within IT, we ensure good technical data protection, but we realise that the weakest link is “you and me”.

- SCHOUTEN & NELISSEN

FINAL RESULT

For us, awareness is most important, because that is where we see the greatest risk. Through the guidance of PuraSec, information security has come to life within our company and we have been able to make it clear that making a mistake is not bad, but that the way you deal with it can determine the future of the organization. In this world it is crucial to always be up to date. With the support of one of PuraSec's Security Officers we can now guarantee this. We have come a long way, but we realize that it remains a process that we must continuously be alert to. We always keep in touch with PuraSec to stay informed of recent developments in information security.

EXPERIENCES

From A to Z, we experienced the process as very positive. It is an art to make this heavy subject accessible to everyone. With 'normal language' PuraSec was able to explain to the core what information security is and what it means for daily business. Together with PuraSec we set up an Awareness E-learning that is included in the onboarding program for new employees. This was well received within the organization, both in terms of content and form. For that reason, our employees actually enjoyed working with Awareness. Finally, PuraSec helped us to make the connection between our quality system, ISO 9001, and information security. In this way we can now tackle the subjects integrally and combine the annual audits.

“PuraSec's power lies in effectively implementing information security, carefully where necessary and pragmatically where possible”

- SCHOUTEN & NELISSEN
