Client
The Health 2 Employment Group comprises two distinct entities, OH One, the trading named corporate division, with a growing and enviable reputation for providing SEQOHS accredited occupational health and wellbeing services, including;
In addition, the second entity Health 2 Employment (H2E), works nationally delivering the Department of Work and Pensions (DWP’s) flagship Work and Health Programme and a range of specialist health interventions for a number of Prime Contractors. They offer occupational health advice and guidance, occupational health assessments and work focused action plans to any participant whose health is a barrier to them progressing towards their goals.
They also provide health support to get individuals back into work, to help businesses manage health-related absence and productivity or to help individuals to manage their own health issues.
The Challenge
H2E needed to manage security for its users carefully, especially because it works in a heavily regulated industry and deals with sensitive healthcare data. The company's applications and data are hosted in Microsoft's online 365 productivity suite, supporting a workforce of around 60 users that often logs in from remote locations around the UK. This introduces potential security issues that take skilled IT technicians to mitigate.
H2E's relationship with its existing IT services provider was up for renewal, and the provider was eager for the company to buy additional products to stay resilient. H2E was sceptical about the cost and effectiveness of these new solutions. It wanted to adopt a simpler, less expensive solution that offered the same level of functionality and security.
The Solution
H2E had attended an online cybersecurity expo with Probrand in 2021, and had been impressed enough to call the service provider back for a more in-depth discussion. Its team filled out a cybersecurity assessment, which helped Probrand to assess its current strengths and weaknesses and create a gap analysis.
Probrand provided honest feedback about room for improvement in H2E's existing IT security, focusing on how to bridge those gaps at reasonable cost. This resulted in a comprehensive product and service package.
The relationship between the two companies flourished. Probrand had initially quoted H2E on a range of discrete cybersecurity products and services, but this quickly expanded until Probrand became the main IT function for H2E.
Probrand configures and manages H2E's fleet of endpoints, along with device and email security, end-user accounts, and the Microsoft software licenses that they use. It also handles everything from firewall configuration to managed wireless services, and supports their staff both on-site and remotely across the UK. It ensures that H2E's systems are securely updated, and has trained the company's staff in basic cybersecurity hygiene.
The Probrand team also assisted H2E in obtaining the National Cyber Security Centre's Cyber Essentials certification. This qualification helps to ensure that an organisation is following basic good cybersecurity practice. As such, it also builds trust with customers that the company is managing their information responsibly.
Cybersecurity is not a fire-and-forget project; it is an ongoing relationship that must evolve as the threat landscape changes. Probrand's representatives have worked hard to ensure that H2E remains happy with its IT and security operations, informing the client quickly of any forthcoming vendor licensing changes while meeting with directors to review the account.
"On the whole the experience working with Probrand has been extremely positive," says H2E's Governance and Data Manager Stephanie Pearson. "My Account Manager is always at the end of the phone should any issues arise, and has been happy to get involved on our behalf to escalate things as needed and when appropriate." This is especially important given the eight-hour service level agreement that H2E requires.
This attention to detail proved invaluable for H2E when logistics issues introduced a speed bump for the company. A courier had failed to deliver a laptop to one of its employees, and H2E was struggling to resolve the problem. "Probrand colleagues went out of their way, and the responsibilities of their role, to personally deliver a new laptop," Pearson recalls. "I very much appreciated them taking the initiative and acting swiftly to help us out."
Trust lies at the heart of the Probrand/H2E relationship. H2E now relies on the Probrand team to provide transparent, honest advice about new security and IT solutions. The service provider also draws upon its rich set of relationships in the IT supply chain to connect H2E with technology vendors, offering the most appropriate, cost-effective solutions.
The Result
Working with Probrand has delivered valuable cost savings for H2E, along with hardened cybersecurity protection. "Some of the products used have helped keep us safe from phishing and malware, while prompting colleagues to think about how they send and receive emails and other potentially sensitive or personal data," Pearson says.
The contract between H2E and Probrand has developed beyond a simple client-service provider relationship into a partnership. It has reintroduced trust into technology, which is an opaque topic than can often leave business customers feeling vulnerable and uneasy.
H2E now feels more comfortable discussing its IT and cybersecurity needs, confident that Probrand has its best interests in mind when proposing new solutions. Probrand has become an extension to H2E's business, attending director's meetings and helping the company to plan for its technology needs at a strategic level. When it comes to IT for this health services provider, Probrand's expertise was just what the doctor ordered.