Nicolas Roux
CIO and CISO
IT Link is a boutique French consulting firm, advising clients on connecting technologies, objects, and people to optimize organizations, drive innovation, and accelerate business. The organization has been in business for over 34 years and employs over 700 consultants who support clients in their innovation and transformation projects, from sensors to business applications, healthcare, and beyond.
As a publicly traded company on the stock exchange, IT Link must ensure that when financial and strategic information is shared, it remains completely confidential. This is where Virtru comes in.
With Virtru, IT Link is able to:IT Link advises thousands of high-profile clients, empowering each of their respective businesses. The organization supports a wide range of innovative clients across industries and sectors, including:
For Nicolas Roux, CIO and CISO of IT Link, data privacy and security are vital to ensuring strong relationships with customers. “We must protect all sensitive customer information and data. It even happens that some of our customers impose protection solutions on us during our exchanges to meet internal or regulatory obligations specific to particular industries such as automotive or defense,” Roux said. “We share many documents with these customers as email attachments because our Google Drive is not accessible by external users. We cannot share anything from our Cloud. We encrypt and share contracts, quotes, calls for tenders, personal data or financial data that cannot be disclosed, because we are listed on the stock exchange. These are basically our Directors and CxOs who handle sensitive data on a daily basis.”
For Roux, quickly deploying security tools from Virtru was a priority to ensure these communications remained secure.
“IT Link has a commitment to the ISO 27001 standard, for which we are certified and must demonstrate that we have deployed the right data protection devices,” Roux said. “Encrypting data is emphasized by ISO 27001 as a critical control to ensure the principles of confidentiality, integrity, and availability of information.”
Because IT Link has such a high velocity of information flowing in and out of the organization, it needs tools that allow for easy sharing without sacrificing security.
“We have just discovered the Virtru Secure Share file-sharing solution, which perfectly meets the needs of several of our teams,” Roux added. Those teams include:
In terms of the impact of Virtru products, Nicolas Roux indicates that it was immediate, especially for Directors and CXOs, who need to share sensitive data daily.
“It was essential to respect the confidentiality and data of our customers, to respond to regulatory requirements such as GDPR and the ISO 27001 standard, and protect against all potential external attacks,” said Roux. “It is the latter that made our company aware that it was necessary to deploy data protection for our emails and our files.”
In terms of change management, Nicolas Roux has clearly communicated the need for cybersecurity internally. One method was a set of internal phishing email tests for employees — the results of which he published, making the exercise even more impactful.
Employees now understand why data security is so necessary. After the exercise, Roux included Virtru in the company’s data protection process and policy documentation. There is also a cybersecurity module on the company’s e-learning platform that covers Virtru for email and file encryption. Finally, Roux regularly posts communications on cybersecurity on the company intranet.
“In terms of adoption, the feedback from the field is rather very good,” says Roux. “Virtru is easy to use, there is no need for support, and the autonomy is fast. The administration of the products is simple and efficient, especially for a small IT department like ours. Feedback from external users who receive encrypted emails and who read them with the Secure Reader is pretty good, too.”
Roux knows that cybersecurity is an ongoing journey, and there is still more to do. Roux wants to implement Virtru's DLP rules for email to better target and automate data protection.
We asked Roux what advice he would give to fellow technology and security leaders who are choosing a data protection platform. Here’s what he told us:
“IT Link is on its way to Zero Trust, and Virtru has become an important part of our system,” concluded Roux.
