According to McKinsey, the construction industry is second only to agriculture 6,600 in the reluctance with which it has embraced digital transformation, a fact which seems incongruous with the collaborative and dynamic nature of the industry. Neil Binnie, Group Head of Information Security and Compliance at Morgan Sindall, has worked within the industry for many years and describes his role as “protecting the company, helping walk the line between going too far and not going far enough” as it determines the best practices to achieve the productivity and cost benefits of digital transformation within the tight regulations in which it must operate.
The challenge that Binnie and the team faced was that while the group had embraced new cloud application models—using Microsoft 365 among other things—it was still using dated on-premise appliances for security.
Binnie explains, “Our web gateways were designed for a different architectural approach. They also gave us limited levels of visibility and control. The on-premise model no longer made sense as we moved towards increased remote working. If we equip employees with laptops and invest in cloud computing, then it’s logical that the workforce should be able to access the things they need to do their job from anywhere. But if the data traffic is having to hairpin back to the data centre for security then they remain tethered, subject to bandwidth issues and delays.”
Binnie continues, “We knew we wanted to move to an internet-based SaaS model for our web security and so the initial RFP focused on cloud Secure Web Gateways.”
As the RFP progressed, Netskope emerged as the clear frontrunner. Binnie comments, “As well as the technical functionality, we had other requirements for the companies in the RFP. We needed them to prove long- term stability and a strong UK and European presence. While these requirements knocked other companies out of the process, Netskope sailed through.”
Although the RFP had started off as a Secure Web Gateway (SWG) requirement, during the process it became apparent that the ability to combine SWG with CASB and DLP functionality would be a huge advantage.
Binnie continues, “Gartner’s SASE vision really aligned to our business challenges. We have a hybrid environment and ultimately need a security approach which can handle a constantly shifting perimeter. The integrated approach also has huge benefits on a tactical, day-to-day management basis. I don’t like gaps as it can be hard to identify who is responsible for things, but if your security follows the data wherever it goes, then those gaps disappear.”