Azure Cloud: External security check at Oniva
Event platforms process large volumes of personal data every day. Oniva co-founder Marc Blindenbacher explains why an external security review was an important step during a cloud migration and what value the bug test provided.
Marc, for those who don’t know Oniva yet: what do you do?
Oniva is a Swiss event solution that helps organisations automate, professionalise and scale their event management across all event formats. As an all-in-one event platform, Oniva combines event marketing, event websites, registration, participant management, ticketing and on-site check-in in a single solution.
Oniva simplifies the event experience for attendees and gives event managers full control over the entire event process, from invitation through to post-event evaluation.
Our customers process personal data. As a provider, we are responsible for ensuring that this data is processed and stored in a trustworthy and responsible manner.
Why is security such an important topic for you as an event platform?
When our customers run events on our platform, they work with personal data. As a provider, we are responsible for ensuring that this data is processed and stored in a trustworthy and responsible manner. That is why high security standards are essential for us.
Why did you decide to carry out an additional security review?
Oniva was originally part of the Swisscom environment and has been operating as an independent company for around two years. As part of our cloud strategy, we migrated to Microsoft Azure.
In that context, we wanted a professional external view of what “state-of-the-art” security standards look like for configuring our new cloud environment, and whether we were set up accordingly.
How did you experience the Bugtest?
The Bugtest was flexible and professional. During the migration, we had very short lead times, and GObugfree adapted quickly. They took our specific requirements seriously, and we were supported by very experienced experts.
What insights did you gain from the Bugtest?
The evaluation was very helpful. On the one hand, it confirmed that we’re already doing many things very well, and that external confirmation alone is extremely valuable.
On the other hand, there were a few points that were easy to implement. With relatively small measures, we were able to further strengthen our security posture. Particularly valuable was the comprehensive expert assessment, including concrete recommendations for improving our cloud configuration.
How would you describe the collaboration with GObugfree?
The collaboration with GObugfree was flexible and straightforward. We quickly felt we were on the same wavelength. It was professional, but also clearly tailored to our requirements, with no rigid one-size-fits-all approach.
Especially during phases of change, such as a cloud migration, an external security perspective is extremely valuable.
Would you recommend the Bugtest?
Yes, absolutely. And we’re happy to continue working with GObugfree in the future. Especially during phases of change, such as a cloud migration, an external security perspective is extremely valuable.