The company was responsible for the personal information records of tens of thousands of customers.
Since our client offers solutions in psychometric assessment, the customer information under their management was private and highly sensitive.
This customer data was accessible to all users within the organization, and could be accessed from any location and device.
The lack of access controls meant that the risk of a data breach was high, and a breach would have a significant legal and reputational impact on the company.
The company was also concerned about the risk of account takeovers, phishing, and other cyber threats that could compromise their systems and client data.
Adherence to data protection laws such as GDPR were vital for the business to maintain and build trust - with clients as well as global assessment program partners.