Fleurop relies on Bugtest: Straightforward security on equal footing

Istvan, Fleurop is widely known as a flower delivery service. What does the business look like in Switzerland?

Fleurop makes it possible to send fresh flowers through a network of local florists in Switzerland and around the world. Fleurop-Interflora enjoys a strong global reputation and will soon be celebrating its 100th anniversary. In Switzerland, we operate as an independent company based in Wangen near Dübendorf. Our team consists of around 50 people, so we clearly fall into the SME category.

We don’t run our own flower shops. Instead, we focus on flower brokerage. Around 320 florists are connected to our network across Switzerland, and more than 40,000 worldwide, in over 150 countries. Orders are placed through our webshop, and delivery is handled by local partners. We never actually handle the flowers ourselves, but flowers are everywhere around us.

Why is cybersecurity so critical to your business model?

Fleurop is an internationally recognised brand. It stands for freshness in a perishable product, on-time delivery, emotion, and trust, especially when it comes to cross-border orders.

A large part of our business runs through our webshop. If the webshop becomes unavailable, we feel the impact immediately. Even a few hours of downtime can have a direct impact on the business. That’s why our systems need to be secure, stable, and resilient.

At the same time, we operate with the limited resources of a typical SME IT department. This is economically efficient, but technically demanding. We needed a security partner who understands our constraints, works pragmatically with us, and communicates clearly and simply.

How did you come across GObugfree’s Bugtest?

At an event organised by the Swiss Trade Association, GObugfree Co-CEO Christina Kistler presented crowd-based security approaches. That immediately resonated with me. In addition, some of our partners, such as Maestrani, known for its chocolate products, and fellow association members like Transa, were already working with GObugfree.

How did you get started?

In the past, we mainly focused our security testing on infrastructure. Because our webshop is developed internally, it was important for us to get an external view on application security as well.

We were looking not only for technical experts, but for a partner with a similar mindset. A Swiss SME, straightforward, who would work with us on equal footing. Initially, my team had some concerns about the effort involved, but the process turned out to be remarkably smooth. Everything was implemented quickly, transparently, and without friction.

What value did the Bugtest deliver?

Especially in our B2B business, we have to meet compliance requirements. For some of our larger customers, particularly in regulated industries, up-to-date security validation has become a prerequisite for collaboration. The Bugtest provides exactly the level of transparency required.

At the same time, it confirmed that we are fundamentally well-positioned. There were a few minor findings, small issues that we were able to resolve quickly.

The test is now firmly embedded in our security strategy. We run it annually, and it has become standard practice for us. Our brand is simply too valuable to accept compromises when it comes to security.

What were the key takeaways for you?

Above all, the test provided us with confidence and reassurance. We were naturally relieved that the re-test this year uncovered hardly any issues. That shows we’re moving in the right direction.

There’s also a strong learning effect. Our developers gain new insights with every test. It fosters openness and security awareness. Today, security is just as important as solid engineering.

What has working with GObugfree been like?

The collaboration is very pleasant and straightforward. We particularly appreciate that GObugfree is local, speaks our language, and understands how SMEs operate. The solution itself is simple, and we didn’t have to install anything. That was a major plus for us.

Would you recommend the Bugtest to other Swiss SMEs?

Yes, absolutely. The cost-benefit ratio makes sense. The Bugtest is an ideal way to establish a clear security baseline. It covers exactly what is relevant for SMEs, at a fair price. Everything is explained clearly and personally. You don’t feel like a small customer, but like a valued partner. That makes all the difference.