Business
« Security is at the heart of our development strategy » by Jérôme Balducci, General Manager
0 min.
With OVH’s SecNumCloud offer, Whoz joins the closed circle of organizations with the most secure data centers in France, alongside companies in the banking and health sectors. In an increasingly sensitive context, this subject is taken very seriously at Whoz: in 2021, one company in two is the target of a cyber attack, the following year the State releases a 30 million euro envelope to help digital security for SMEs and ETIs. Jérôme Balducci, General Manager of Whoz, talks about the importance of data protection.
Why is cybersecurity a crucial issue for Whoz in 2023?
Jérôme Balducci: “Last year, very large companies with several thousand employees, including major Digital Sector Companies (DSCs) such as Keyrus or Econocom, suffered cyber attacks and had to stop their activity. NSEs are a prime target for hackers because their core business is based on employee data, and they themselves deal with hyper-digitized customers. Moreover, there is not only public data, but also business data: business intelligence is facilitated on the public cloud. The data processed by Whoz is therefore vital for its customers and requires drastic security measures to be put in place. This has become a condition to be able to respond to certain calls for tender from public organizations. Our client CS Group says it clearly: some staffing solutions have been rejected on this criterion.”
What is Whoz doing to fight against cybercrime?
J.B.: “Since the creation of Whoz, security is at the heart of our development process. We have always had two principles: Privacy by design and Security by design. This means that since the beginning, we have been developing our services with the priority of respecting the RGPD and data security. On the privacy aspect, we work with an external consultant from the CNIL and the European Commission. She ensures that all the personal data of our customers’ employees is secure. On the security side, we chose to subscribe to OVH’s SecNumCloud offer. As a French player, their servers will never be exploitable by a third party state, especially an American one. It is important to know that American laws allow access to data anywhere in the world. Not at OVH. By subscribing to SecNumCloud, whose cost is 25% higher than the classic offer, the National Agency for Information Systems Security (ANSSI) issues a certificate that guarantees compliance with best practices to ensure data security. In short, at OVH, our offering is in data centers with the highest level of security in France, at the same level of requirement as banks or organizations dealing with health data.”
And what about the internal security team at Whoz?
J.B.: “Our internal Information Security Management System (ISMS) ensures the proper implementation of the ISO 27001 standard, a certification obtained in September 2022 after a one-year project. It attests to a very high level of information security, in line with the state of the art. At Whoz, for each evolution of the solution, a security study is carried out by our Dev Sec Ops. At the same time, test robots apply several thousands of checks as soon as a modification is made. On a more permanent and random basis, we are audited by external companies who simulate hacker intrusions and see if they manage to access our services. We are proud that our SecurityScorecard score is between 98 and 100/100. At Cybervadis, which also audits our data security, we are in the top 10% of companies with a score of 894/1000.”