Anastasiya Novikava
Copywriter
Anastasiya believes cybersecurity should be easy to understand. She is particularly interested in studying nation-state cyber-attacks. Outside of work, she enjoys history, 1930s screwball comedies, and Eurodance music.
ROCKEN, based in Zurich, Switzerland, operates in the recruiting sector, offering a unique blend of consulting and recruiting services. Their office boasts a dynamic team of recruiters, consultants, and business account managers dedicated to bridging the gap between companies and candidates.
The company's edge is its extensive database, housing detailed candidate profiles enriched with personal interviews, experiences, and expectations. This database, coupled with their custom CRM crafted by their dedicated outstaff development team, stands as their cornerstone, offering a nuanced understanding of each candidate's profile.
The extensive database, containing candidates and employer information, is the apple of the eye that needs to be protected sufficiently. Julia Zaliznytska, Product Manager and a bridge between business and development, shares why using security services like NordLayer in ROCKEN's line of work was critical.
With business expansion plans and team growth, safeguarding ROCKEN’s expanding database became paramount as the company faced a dual challenge.
We are working for the Swiss market at the moment, and we are extending to Germany this year, and we will have even more data that needs to be protected.
First, they had to protect vast amounts of sensitive data, including candidates' personal information and client companies' corporate data, against increasingly sophisticated cyber threats such as DDoS attacks.
With DDoS attacks as a threat and users leaving loads of personal data on the platform, we wanted to provide better protection than just relying on passwords.
The team also has gated content on their website, including market overviews and research that is not for free and, thus, must be secured from unverified access.
Second, ROCKEN had to accommodate its hybrid work model with employees and developers working remotely across Switzerland, Germany, Ukraine, and Estonia. For a company with all infrastructure in the cloud, it’s essential to have secure remote access to the internal systems from any location.
Some employees are fully remote, while locals must visit the office three time a week. For this reason, the company needed a unified approach connecting to the company network that is robust against cyber threats.
After the launch, the company was small and didn’t have much data to protect—securing IP addresses on their own CRM was sufficient initially.
As ROCKEN grew rapidly from 30 to 91 employees, they sought a reliable solution that scales together without compromising security. The solution had to seamlessly integrate for remote and office-based employees alike, ensuring data protection across all touchpoints.
Besides exponential growth, the main triggering factor for enhanced security was a reminder of constant online threats. An identified DDoS attack didn’t do any tangible damage to the company but sent a message that the risk is always there.
Once, we have experienced a DDoS attack. Whether it was an attacker or rivals testing our protection levels, the attack didn’t result in a data breach but reminded us that we are hunted.
A more complex and robust solution than passwords and authentication apps was needed to protect the company network. After a thorough market comparison, ROCKEN chose NordLayer for its comprehensive corporate VPN solutions.
Several factors influenced ROCKEN’s decision to partner with NordLayer. Primarily, it was necessary to ensure more complex and layered security solutions in place. Then, it had to be ensured that all connections are encrypted and authenticated.
The access is secured only for those who already have access inside our organization once on-site and through the VPN once remote. Developers use VPN to connect to the production and staging systems.
Notably, team members' personal positive experiences with NordVPN influenced the decision. Moreover, the responsive and accommodating nature of NordLayer's customer support and the platform's cost-effectiveness, especially with the provided growth-supportive discount, have been significant factors in choosing the tool.
We compared many services, but the majority lacked corporate solutions that are centralized in management and payments. NordLayer offered an all-in-one platform with bulk organization control and setup.
NordLayer's reputation for reliability and its ability to offer a scalable, secure solution for a growing company like ROCKEN were decisive.
The implementation of NordLayer was smooth and swift, taking just a week to onboard the entire organization, thanks to the clear instructions and support provided.
Despite initial hiccups with corporate laptop setups, the transition to NordLayer was well-received across the organization.
There were absolutely no issues with NordLayer. Because we have corporate laptops that a third-party organization manages, devices weren’t prepped in advance for all users; thus, whole organization onboarding took up to a week.
The VPN's no-logs policy and the ability to manage teams and users through a simple portal were particularly appreciated, ensuring ROCKEN’s operations remained secure without sacrificing efficiency.
It’s a good idea to use post-it notes for everyday cybersecurity tips as a reminder, but not passwords. This and many other tips come from our case study heroes. This time, we asked Julia Zaliznytska, a Product Manager at ROCKEN, to share her favorite habits for practicing cybersecurity hygiene.
Rocken's partnership with NordLayer underscores the critical importance of robust cybersecurity measures in today's digital landscape, especially for companies dealing with sensitive data.
Through strategic planning, careful vendor selection, and a focus on scalability and security, ROCKEN has successfully fortified its defenses, ensuring the confidentiality and integrity of its data as it continues to grow and expand into new markets.
Subscribe to our blog updates for in-depth perspectives on cybersecurity.