Long-Term Safety Policies
As IT Security Manager at Huddinge municipality, Arne Göranson is responsible for the internal operations of the IT section and ensuring that the IT systems in the municipality’s other operations maintain a high-security level. Having worked actively over the years to increase IT security, two years ago Huddinge municipality decided to evaluate their need for other security-enhancing measures.
Trying to avoid the mistake many other municipalities make and invest large amounts into products that would remain unused, they came across Holm Security. Recognizing Holm Security VMP (Vulnerability Management Platform) as an affordable alternative, allowing a better understanding of the vulnerabilities present in the municipality’s IT environment today and in the future.
Easy Implementation & Automated Process
Arne describes the actual implementation of Holm Security VMP as quick and simple. Provided with information and support from Holm Security’s support team, he encountered no major problems.
Holm Security has listened when I have had opinions about the platform. In many cases coming up with solutions that have resulted in improvements and new functions to the product. We highly appreciate the responsiveness to what we as a Swedish municipality want to get out of the platform.
- Arne Göranson, IT Security Manager.
Arne emphasizes that Holm Security VMP has been a good tool for familiarizing with vulnerabilities as it, at first it was not entirely clear-cut what they wanted to get out of the scans and what the work processes would look like. However, over time the municipality has set up systems and processes, focusing their scans and remediation on vulnerabilities in systems deemed essential and business-critical. Scans are performed regularly and completely automated, reducing human hand-laying.
Essential services & Business-Critical Systems
Concentrating on systems where social services, elderly care, and childcare are affected or systems that could cause extensive damage in the event of intrusion or interruption, the scan details have helped Arne to make demands on operations managers within the municipality and external suppliers of various systems.
I can make demands that the various operations maintain their platforms and environments. I can quickly get an overview and, together with system owners and operation managers, arrive at what measures are needed.
Raises Vulnerabilities to the Surface & Creates a Methodology
Arne explains that while they were previously aware of system vulnerabilities, they were not readily apparent before employing Holm Security VMP. The platform has helped to visualize shortcomings and simplify communication internally. Additionally, Holm Security's Customer Success team and experts have assisted when needed.
Helps Comply with Laws & Recommendations
For Huddinge municipality, the platform has been a very affordable alternative to increase IT security by creating a more systematic cyber security work - according to laws and recommendations such as RSA (Risk and Vulnerability Assessment) and NIS (Network & Information Security).
Recommended for All Municipalities
Being able to visualize vulnerabilities is a budget and resource issue, far from all municipalities have an IT Security Manager. However, with a product like Holm Security VMP, even smaller municipalities with fewer available resources can create routines and processes to reduce the number of weak points in the IT environment and increase general IT security.
When other municipalities have been curious, I have invited them over and shown the possibilities of Holm Security VMP. I think that many municipalities could greatly benefit from and expand their IT security with this great and affordable product. That it is cloud-based and delivered from data centers in Sweden makes it easier.