/
/
Sanofi

Sanofi

Sanofi
Solutions offered

Sanofi switches to ultra-secure SaaS for all governance meetings

Sanofi is one of the largest and most successful healthcare companies in the world. Based in Paris, the French multinational is a truly global operation, with more than 100,000 employees in over 90 countries. As a consequence, the decisions taken by the company’s corporate governance have an impact well beyond the highly competitive pharmaceutical industry, influencing global stock markets and the course of scientific research.

“The information around our governance meetings is highly confidential, so it’s essential that we limit the number of people with access,” says Wilfried Laumond, the company’s Head of Cyber Security Risk & Services. Admin rights to the company’s global environment are held by hundreds of employees, and the infrastructure that supports it is managed by third-party service providers. Independent board members use their own software and infrastructure, too, which Laumond and his team are unable to secure. “We made it our goal to have a single, dedicated, secure environment for sharing data, with access limited to fewer than ten administrators,” says Laumond.

To do that, Sanofi used a dedicated on-premise solution developed by a contractor. But maintaining, updating, and securing the servers needed to run that software became an ever-greater burden. Sanofi looked for a zero-maintenance SaaS solution that could offer improved security for sharing highly confidential information. Oodrive Meet was a perfect fit.

“Only the people who need to see confidential data should be able to access it. Oodrive Meet makes that possible.”
Wilfried Laumond ,
Head of Cyber Security Risk & Services, Sanofi

Switching to SaaS security

On-premises solutions are often used by companies to create discrete environments for highly confidential data. But maintaining secure servers and underlying infrastructure can be expensive, tedious, and time-consuming. “We did not just have to update the solution, we had to update our hardware and platform, as well,” says Laumond. “Five years after launch, the Red Hat Linux platform it ran on was obsolete. We are a small team with a lot to do, and it doesn’t make sense to spend 15 days a year maintaining obsolete infrastructure.”

Obsolescence is a pressing concern at Sanofi, and a key driver behind the company’s strategy to move to the cloud. “Obsolescence has become more of a problem over the past five years,” says Laumond. “Not only are old systems being replaced faster than ever, we also have to manage the life cycles of an ever growing portfolio of assets. Businesses deploy new solutions all the time, but do not necessarily budget to manage them over time, so updates can be missed, which in turn increases the risk of security issues. SaaS solutions are a smart way to handle that problem.”

Sanofi uses Oodrive Meet as an ultra-secure SaaS solution to manage top-level governance meetings and share confidential information. Compliant to the highest international standards of infrastructure security, including the ANSSI SecNumCloud certification, Oodrive Meet delivers all the functionality of the company’s previous on-premises solution, with zero maintenance burden.

Choosing the right solution

Despite presenting maintenance problems for IT teams, the previous solution was well-adopted by users and had stood in place for seven years. “The biggest challenge was to persuade users to make the change, and secure the top-level decision to replace the old solution,” says Laumond. The widespread use of Oodrive Meet among leading companies in European stock markets helped convince stakeholders of its reliability, and Laumond and his team presented cost savings based on reduced maintenance obligations.

Most importantly, Oodrive Meet protects companies from the US CLOUD Act, a concern for any company in competition with US firms. Under the terms of the 2018 legislation, the US government can demand data from servers operated by US-based companies, regardless of where in the world those servers are located, including all infrastructure operated by or based on GAFAM systems. Oodrive ensures that no aspect of its software, infrastructure, or other systems falls under the remit of that legislation, so that Sanofi’s confidential documents and sensitive corporate discussions cannot be intercepted by foreign governments.

“Obsolescence presents real risks to cyber security. Oodrive Meet is always up-to-date, protecting data from the latest threats.”
Wilfried Laumond ,
Head of Cyber Security Risk & Services, Sanofi

Choosing the right solution

Despite presenting maintenance problems for IT teams, the previous solution was well-adopted by users and had stood in place for seven years. “The biggest challenge was to persuade users to make the change, and secure the top-level decision to replace the old solution,” says Laumond. The widespread use of Oodrive Meet among leading companies in European stock markets helped convince stakeholders of its reliability, and Laumond and his team presented cost savings based on reduced maintenance obligations.

Most importantly, Oodrive Meet protects companies from the US CLOUD Act, a concern for any company in competition with US firms. Under the terms of the 2018 legislation, the US government can demand data from servers operated by US-based companies, regardless of where in the world those servers are located, including all infrastructure operated by or based on GAFAM systems. Oodrive ensures that no aspect of its software, infrastructure, or other systems falls under the remit of that legislation, so that Sanofi’s confidential documents and sensitive corporate discussions cannot be intercepted by foreign governments.

A seamless transition

All 16 members of the Sanofi board accepted the switch to Oodrive Meet with no criticism or pushback from their assistants, the principal users of the solution.

Sanofi now limits administration rights for its secure environment to fewer than five select individuals, exceeding its goal to keep that number below ten people by eliminating the need for access by maintenance teams. With tight data controls, limited admin access, and dedicated infrastructure.

Sanofi gives board members the security they need to meet in confidence.

Restricts access

Enhances security by limiting administration rights to fewer than five individuals.

Liberates IT teams

Saves IT staff 15 days of work a year maintaining, updating and securing on-premises infrastructure.

Instant adoption

Transition to new solution was immediately accepted by all 16 board members and their staff.
Case study

Are you interested in this case study? Download it

Download now!

Fill out the form below to get your free copy.

Thank you!

Teamwork
begins with trust

Find out how your business can secure sensitive content, without slowing down work.

By industry

Aerospace & Defence

Energy

Government

Healthcare

Financial Services

Critical Infrastructure

By department

Information Security

Human Resources

Legal

Finance

Risk & Compliance

R&D and Engineering

Marketing & Sales