Site Search

Menu

Services

Menu

Private Wealth & Entrepreneurs

Menu

Family business & SME consulting

Featured

Artificial Intelligence

Menu

Events

Loading Results

How we ensure a secure cloud transformation

The modern workplace
The modern workplace
  • Insight
  • 7 minute read
  • 07/03/24
Fabian Faistauer

Fabian Faistauer

Director, Cybersecurity Technology & Transformation, PwC Switzerland

Email
Oliver Schönenberger

Oliver Schönenberger

Senior Manager, Cybersecurity and Privacy, PwC Switzerland

Email

A modern-day challenge for organisations

The COVID-19 pandemic, which broke out worldwide in 2020, had in many ways a lasting impact on how companies collaborate. Lockdowns meant that work processes suddenly had to be carried out completely remotely. Employees who didn’t have to be physically on site were obliged to work from home. Organisations around the world were faced with the technical challenge of making this happen. As a result, a completely new type of collaboration or modern workplace emerged.

It became clear that cloud solutions were the best way to tackle these challenges, mainly due to their scalability and accessibility. The transformation of the modern workplace thus also involves moving to the cloud. While the biggest issue was collaboration and business continuity became the priority, important aspects such as governance, compliance, operations and security initially took a back seat. We place a clear focus on data security in our solutions. In a world of ever-expanding networking, increasing importance is attached to data confidentiality and controlled access to resources.

Three types of organisations

Even though the pandemic led to a surge in digitalisation and forced move to the cloud, companies are at different stages of the process. Based on the five phases of Everett Rogers’ diffusion theory, we identify the following three types of organisations in particular:

Innovative and leading, these companies were already investing heavily in new technologies, such as cloud before the COVID-19 pandemic. These are usually technology focused companies.

These companies recognised the necessity and benefits of cloud solutions, but they weren’t ready for an organised development stage and looked for quick solutions to problems. Government authorities or educational institutions with established structures and processes in particular fall into this category.

These companies took their time and were rather sceptical about new technologies. The pandemic was primarily solved organisationally, using the experience of others to develop a customised solution. These types of companies are planning to move to the cloud soon. This behaviour is observed in the finance sector especially.

Cloud-driven workplace transformation: managing complexity

With the cloud and the modern workplace transformation, system complexity is of course also increasing. IT operations must now integrate legacy applications and modern cloud solutions for employees on a single platform. This requires, for example, adapted IT structures, clear (shared) responsibilities and revised governance. There also needs to be a rethink on the topic of information security, especially in the context of Zero Trust.

Companies are often faced with higher costs as a result, because they have to finance their old systems as well as new cloud services. Smart data management and the targeted decommissioning of legacy systems can help to reduce costs in the short to medium term.

On what stage is your company at in terms of cloud digitalisation and the modern workplace?

According to the diffusion theory, do you see yourself as an early adopter, a late majority or a laggard?
 

Key topics to a secure modern workplace

Our range of services includes suitable and supportive elements to enable our customers to establish a successful and secure modern workplace. Our experienced experts cover the strategic, conceptual and technical requirements to make sure that your needs are met. 

The increasing use of cloud services, mobile devices and virtual working environments is placing new demands on security in order to protect sensitive data and ensure secure communication and access to resources. This is why security is a top priority for us. Importantly, you need a strong partner at your side who has a broad network and can work with you to develop solutions to meet these challenges.

Drawing on our experience over the past few years, our Cloud Security and Modern Workplace team has identified the following core topics:

Our approach
  • We conduct a readiness assessment.
  • We analyse incoming signals and use tailored business cases to create customised guidelines for increased security and optimum user-friendliness.
  • We support your organisation in implementing, managing and monitoring the new Zero Trust structure.
  • We take a universal approach to Zero Trust and make sure that any legacy applications are also securely integrated in a hybrid environment.
How we support you
  • Creation of an overall security design to define the Zero Trust structure.
  • Design of identity and access management for seamless integration into the Zero Trust structure.
  • Implementation of the security guidelines including setting up a monitoring programme for log events to optimally monitor all signals.
  • Implementation of legacy authentication to ensure and standardise security requirements for resources.
Our approach
  • We use our industry knowledge to adapt the configuration of Microsoft Intune to your organisation’s specific requirements.
  • We assess your device requirements and adapt our templates for the effective management and security of your devices.
  • We create customised guidelines for your strategy. This way, we can guarantee suitable access controls for applications for mobile device management and for a mobile application management solution, making sure they’re used efficiently.
How we support you
  • Simplified device management through a central platform.
  • Enhanced security level for managed and personal devices.
  • Complete automation of device registration using Windows Autopilot.
  • Data security is ensured through controlled access and encryption of your business data on your personal device.
Our approach
  • We use Microsoft Compliance Manager and offer comprehensive insights into best practices and compliance policies. 
  • We analyse your data landscape by observing existing data types and the typical incoming and outgoing data flows, and protect it with suitable measures.
  • We implement efficient insider risk management as well as a communication compliance framework to detect suspicious data and communication patterns.
  • We empower your employees to use eDiscovery to implement compliance and regulatory requirements.
How we support you
  • Creation of databases for cataloguing the different data types.
  • Prioritisation of tailored compliance measures.
  • Prioritisation and implementation of measures to protect against insider risks.
  • Development of a robust framework for data management within the Microsoft 365 environment.
  • Implementation of data classification and guidelines to prevent unintentional data leakage.
  • Creation of an understanding of the regulatory implications of the underlying compliance.
  • Training and support for employees to optimise implementation, as well as training for compliance officers and data protection officers.
Our approach
  • We pursue a ‘secure by default’ strategy, which involves enhancing the security level efficiently and without compromising user-friendliness. 
  • We protect your cloud services with suitable monitoring guidelines based on a risk assessment.
  • We reduce your attack surface by introducing appropriate vulnerability management in conjunction with powerful next-generation protection. Based on this, endpoint detectors and automated response capabilities are implemented. 
How we support you
  • Creation of tailored policies for anti-phishing, safe attachments and safe links.
  • Delivery of attack simulation training to increase user awareness.
  • Ensuring visibility of all cloud apps in use to prevent shadow IT.
  • Protection against app-based threats with XDR solutions.
  • Implementation of appropriate vulnerability management and configuration management.
  • Maintenance and implementation of a modern concept for the automated triggering of alarms and the resolution of security incidents.

Why PwC?

Our Cloud Security team is composed of competent experts who inject their cross-industry experience directly into their daily work. We’ve successfully supported global customers on their journey to the cloud with the innovative modern workplace.

Last year, our work was also recognised by Microsoft who selected us as ‘Swiss Partner of the Year 2023’ in the Security category.

Our focus goes beyond purely technical aspects, as we benefit from our unique network to cover cross-sectional areas in a professional and scalable manner. In this respect, we’re very familiar with the challenges faced by all types of organisations.

We recognise that ‘early adopters’ have different requirements to the ‘late majority’ or ‘laggards’. This knowledge enables us to identify critical situations at an early stage and promptly take the right steps to successfully pursue your cloud journey – comprehensively, efficiently and securely.

Contact us

Oliver Schönenberger

Senior Manager, Cybersecurity and Privacy, PwC Switzerland

+41 58 792 40 17

Email

Services Assurance Consulting Corporate Support Services Deals Global Markets Legal People and Organisation Private Wealth SME and Family Business Tax Advice
Industry Sectors Energy Financial Services Government and Public Sector Health care Industrial Manufacturing Real Estate Retail and Consumer Goods Pharmaceuticals and Life Sciences Sports Business Advisory Technology, Media and Telecommunications
Today's issues Artificial Intelligence Workforce of the Future Finance Transformation Customer Transformation Cybersecurity Data & Analytics ESG: Criteria and Implementation
About PwC Contact Press Locations Organisation and Management Purpose, Values and Code of Conduct Reports Corporate Sustainability Our History Alumni
Careers Open Positions Career Events Experienced Hires Graduates Students Apprentices PwC as an Employer PwC's Career Blog
Research & Insights Our latest insights Subscribe to PwC insights Preference Centre

© 2018 - 2025 PwC. All rights reserved. PwC refers to the PwC network and/or one or more of its member firms, each of which is a separate legal entity. Please see www.pwc.com/structure for further details.