18.10.2024
Donation of old MBC tablets to the Jobtrek Foundation
Meanquest fait don de tablettes MBC à la fondation Jobtrek pour soutenir l’inclusion professionnelle.
Meanquest wins the
Meanquest announces that it has obtained ISO 27001 certification for all its sites and activities: “Consulting services, design and implementation of IT solutions, infrastructure management and user support, Swiss cloud hosting, IT staff recruitment and consulting in information security, cybersecurity and data protection”.
Meanquest’s quality approach reflects the commitment of all our teams and our compliance with internationally recognized standards to meet our customers’ operational requirements.
Obtaining this certification is the result of an intense effort on the part of our teams, enabling us to provide the best possible protection for the confidential information and sensitive data we may be required to handle.
This recognition, awarded by the SQS, reinforces Meanquest’s position as a benchmark IT partner in French-speaking Switzerland. It is in line with the company’s growth strategy, which has always placed quality at the heart of its development model.
Interview with Nicolas Crozat (Director of Operations and Continuous Improvement) and Mahandry Rambinintsoa (Director of Information Security) on working towards ISO 27001 certification.
In order to comply with the market’s increasingly stringent security requirements, Meanquest embarked on an ISO 27001 certification process 10 months ago.
Nicolas Crozat, Operations & Quality Director, and Mahandry Rambinintsoa, ISO 27001-certified DPO, look back on the certification process, which was carried out at an intense pace.
Why have you embarked on this process?
First of all, there’s the global context, with the increasing number of cyber-attacks, which requires us to take all the necessary measures to protect ourselves. For many years, Meanquest has been implementing various human and technical measures to guarantee a high level of security for our customers:
- Strong partnerships with major players in IT and IT security (manufacturers and software publishers)
- Recruiting qualified experts in various fields
- Regular training for our employees
It’s also a requirement that is increasingly shared by our biggest customers, who ask us for this certification. Although this certification is not very common for medium-sized service companies due to the requirements they have to meet, it will enable us to support players in more sensitive sectors, such as finance or healthcare, where this certification has become virtually mandatory.
Finally, the acquisition of Sequal in April 2023 naturally reinforced this orientation, as it seemed difficult to support and advise our customers without being certified ourselves.
“This certification will enable us to raise our level of safety even higher, not only from a technical point of view, but also and above all in terms of user training and awareness. By integrating the requirements of ISO 27001 into our day-to-day activities, we meet the legal requirements and those of our customers, assuring them that we have implemented information security processes in line with current best practice.
It also demonstrates that we apply to ourselves the advice we give to our customers via our sequal business line.
Who were the key players in this project?
A relatively small project team, comprising Nicolas Crozat, Operations & Quality Director, and Mahandry Rambinintsoa, ISO 27001-certified DPO, led the project and mobilized the teams to support the change. Naturally, General Management also lent its support.
But this certification is a company-wide project, since every employee plays an essential role in safety. Significant awareness-raising work has been carried out to make everyone aware of their role, and an ongoing training and awareness-raising program is in place.
What were the main phases of the project?
We began with an initial audit to assess the situation and identify the efforts required. This was done by sequal before its integration into Meanquest, and it was through this exercise that we began working together.
Following this exercise, which provided us with a detailed action plan, we put in place information security policies in which we set out our security objectives, principles and rules.
Secondly, we needed to train our teams, as we made a number of structural changes at both technical and organizational levels.
When we felt we were ready for the certification audit, we called in an external expert to carry out a preparation audit to make sure we hadn’t overlooked anything.
The final stage was the certification audit, which put our information security management system to the test.subject to regular follow-up audits. This means that we must continually work to align our practices with changes in our infrastructure and our context more generally.
What’s next?
Obtaining ISO 27001 certification is certainly very important, but it is not an end in itself. Implementing the requirements of this standard is based on a continuous improvement approach, and maintaining certification is subject to regular follow-up audits. This means that we must continually work to align our practices with changes in our infrastructure and our context more generally.
