About Inexto SA
Inexto SA is a leading provider of software and services for authentication, product serialization, track & trace, and manufacturing regulatory compliance. They have multiple subsidiaries in India, Colombia, Spain, and Poland and have a quickly growing number of 150 employees.
We spoke to Jonathan Farrell, Information and Quality Assurance Manager at Inexto, about how they use Guardey to improve training participation and prove ISO 27001 compliance to auditors.
Challenge: motivating employees to participate in security awareness training
Jonathan’s job is to make sure that employees across all Inexto’s locations are compliant with ISO 27001 and ISO 9001 regulations. Before they started using Guardey, he called this process “a nightmare”.
“I spent a week per year creating training materials for information security. And then another week for quality assurance. After that, I would spend all my time chasing people to get them to actually do the training so that I had a positive record for the ISO audits,” says Jonathan.
ISO auditors ask for evidence of participation in mandatory training. Jonathan: “Our previous training tool gave us no additional details about the end-user. I didn’t know what geographic location they were from, for instance. So when the auditors were analyzing our location in Madrid, I wasn’t able to indicate the quality of the work being done by those specific employees.”
Solution: a gamified training platform with in-depth analytics
Inexto now trains employees with Guardey. During weekly micro-challenges that take 3 minutes to complete, employees learn about topics such as phishing, malware, device security, and much more. In a company-wide leaderboard, colleagues can see how they are performing compared to each other, which adds a fun competitive element.
For Jonathan, Guardey’s gamified approach made it stand out from all other security awareness training providers. “Before I landed at Guardey, I did a demo with two other solutions. Those programs got the job done too. But they just weren’t as engaging. They really felt more like a regular training program. I would imagine that our employees would simply ignore it and stop engaging after a while.”
Using analytics to prove compliance
Jonathan praises Guardey’s analytics. “I really like the spider chart that shows how the team scores on each topic. Besides helping to prove compliance, it’s very good at giving me an indication of where certain employees need to improve. We have loads of policies and procedures, and it’s nice to just send out a message and say: ‘Look, I see we have a dip here, perhaps you may want to re-read this policy’.”
“With Guardey, I can group users per geographical location, which enables me to extract specific data for the audits,” Jonathan continues. “This was a point of improvement that was highlighted during one of the previous audits, and now it has been completely covered from our side. I don’t have that headache anymore.”
Customizing content for quality assurance training
Guardey’s regular training program focuses on information security. But with the custom content feature, admins can add new challenges about any topic they want. Jonathan plans to use this feature to create a quality assurance training program.
“I’m looking forward to getting into creating custom content with Guardey,” says Jonathan. “I can already see how I can leverage it for quality assurance compliance as well. Our employees are already familiar with Guardey, already have logins, and are already engaging with it. So maybe once a month, I’ll create a challenge for quality assurance, and then I’ll get this beautiful spider chart again which is going to be very good for the auditors.”
Onboarding new users with the click of a button
Inexto is growing fast. This month, three new people joined the company, and four more people are scheduled to start next month. “The flexibility of Guardey’s subscription system is a big plus for us,” says Jonathan. “I simply add new users to a group in Azure AD with SSO authentication and the job is done. It’s very, very easy.”
“I don’t have any overhead now,” Jonathan continues. “It only took one email to introduce people to the system and I already have about 60% of all employees onboarding within one month.”
The results: training participation rate is through the roof
After one month of using Guardey, Jonathan already describes it as a success. “The uptick in participation has been fantastic. In most cases, when somebody gets started, they’re regularly performing the training. I think this is because Guardey doesn’t take a lot of time. And most of all, it’s fun. Employees have even set up their own little competitions internally. So we have the company-wide leaderboard, but the teams themselves are now even having their little competitions in Microsoft Teams group chats. Guardey has brought out the competitive nature in them.”
Because Guardey’s training content has been made to suit everybody, nobody feels like they’re being neglected by the training. “It works just as well for the finance department as for development and HR. Nobody has ever come back to me saying that the questions aren’t relevant to their job,” says Jonathan.
Don’t let hackers outsmart you
Make sure your employees are prepared to recognize cyber threats with Guardey. Start your 14-day free trial today.
