The Interview

We sat down with the Chief Operating Officer of a financial services company to discuss the company’s IT challenges and goals, and how Open Systems provided a comprehensive solution.​

What is your role within the company?

I am the Chief Operating Officer of our corporate group. While we employ around 40 people overall, our organization is internationally distributed. Our headquarters are in Zurich, where a small core team of four to five people is based. Our operational entities are in Ireland and Singapore, each with approximately 16 employees.

As Group COO, I am primarily responsible for our entire IT infrastructure and for the IT services we provide to our global locations.

What challenge were you aiming to address together with Open Systems?

Our collaboration with Open Systems started before I joined the company. At that time, we also had an office in the United States, and the main objective was to reliably connect all our locations. From the very beginning, the connectivity between our local servers worked extremely well – and it continues to do so today.

When we later moved to the cloud, this requirement became even more important. Open Systems now ensures that all employees worldwide can access our cloud environment securely and reliably at all times.

What did your network and security setup look like before working with Open Systems?

In the past, we employed two internal IT specialists who handled all IT-related tasks themselves. When I joined the company, only one internal IT employee remained. After that person left, we faced a fundamental decision: either hire a new in-house specialist or fully outsource IT operations.

We chose to outsource. We handed over our internal IT infrastructure to an external cloud provider, while firewall and network responsibilities were assigned to Open Systems. Since then, my role has largely involved coordinating between the different service providers.

This model has clearly proven successful. Today, IT systems must be available and secure around the clock. Since many cyberattacks occur at night or on weekends, 24×7 support was essential for us – and simply not realistic with only two or three internal IT staff. That is why I firmly believe outsourcing these areas is the right approach, and Open Systems has been an ideal partner for us.

How has using Open Systems’ SD-WAN changed your day-to-day operations?

For a company of our size, operating a proxy firewall is somewhat unusual. It does make the setup more complex, but it also significantly improves security. We discussed for a long time whether the added effort was justified. In hindsight, I can clearly say that it was.

In at least two cases, the proxy firewall prevented malware from establishing a connection to its command-and-control servers – exactly what this solution is designed to do.

About two years ago, we implemented a major change. In Zurich, roughly half of our team works remotely, and at the time we were still using a physical firewall at the office. Today, we rely entirely on ZTNA and additionally use cloud proxies. This combination has proven to be extremely effective for us. Internet access is now provided locally through the cloud proxy, which works very well in Zurich.

In Singapore and Ireland, we continue to operate physical firewalls at the office, supplemented by ZTNA for remote work. Overall, the transition has made a lot of sense and has significantly strengthened both our network and security architecture.

Why did you move from Mobile Entry Point (MEP, client VPN) to ZTNA?

Before making the switch, we experienced numerous hacking attempts, and user accounts were frequently locked. That was a clear indication that our attack surface was too large. At the same time, it became evident that our existing setup was unnecessarily complex and that ZTNA would offer clear advantages.

ZTNA not only improves security but also reduces reliance on local infrastructure. When working from home, we previously needed MEP and often a locally hosted proxy, which led to certain limitations. With ZTNA combined with cloud proxies, we gain much greater flexibility. Because Open Systems operates globally distributed Points of Presence, the impact on performance is significantly reduced.

What we value most about ZTNA is the granular access control and the ability to implement a true always-on security model.

Why did you choose ZTNA from Open Systems?

We were already an Open Systems customer and had consistently positive experiences. It also made sense for us to source all security-relevant services from a single provider, as that greatly simplifies collaboration. In addition, the price-to-performance ratio was very compelling.

We particularly appreciate the all-inclusive approach. Transparent flat-rate pricing allows us to plan our IT costs reliably and maintain full cost visibility at all times.

Did financial industry requirements influence your decision?

We are an attractive target for cyberattacks, which is evident from the large volume of phishing emails we receive every day. As a financial services company that regularly processes high-value transactions, attackers often attempt man-in-the-middle attacks.

They may compromise customer email accounts or try to gain access to our systems in order to send fraudulent invoices with manipulated bank details. We encounter such attempts on an ongoing basis, which makes constant vigilance essential. That is exactly why we rely on Open Systems’ security solutions – they help us consistently and effectively reduce these risks.

What role does the 24×7 managed service play in daily operations?

It plays a critical role for us. When a security incident occurs – and experience shows that this often happens in the evening or on weekends – it is extremely valuable to have access to true 24×7 support.

Our cloud service provider also offers round-the-clock assistance, and in critical situations these services work seamlessly together. This gives us confidence that we will receive fast and reliable support whenever it is needed.

What concrete improvements have you seen from this collaboration?

I am aware of at least two specific incidents where our proxy firewall prevented malware from connecting to a host. Such risks arise constantly – for example, when someone accidentally opens a malicious file.

In both cases, the antivirus system triggered an alert, and the firewall reliably blocked the connection. Incidents like this likely occur more often than people realize. You can regularly see in the log files which threats are being stopped. For us, this clearly demonstrates how effective these security measures are.

How does ZTNA support your regulatory requirements (BaFin, GDPR, ISO 27001, etc.)?

ZTNA plays a major role in helping us meet compliance requirements and significantly simplifies the completion of numerous questionnaires. Our local entities in Ireland and the Cayman Islands are subject to strict regulatory standards, and many of our clients also require formal proof of compliance.

Insurance is another important factor. Today, it is becoming increasingly difficult to obtain a policy unless you can demonstrate substantial investment in cybersecurity. Fortunately, this has not been an issue for us, as we have continuously strengthened our security posture over the years – and these investments have clearly paid off.

How would you describe the user experience today compared to the past?

The user experience, including the Mission Control Portal, continues to improve. Implementing ZTNA requires a significant upfront effort, as configurations must be very precise. However, that same effort results in a much higher level of security.

Our Technical Account Manager at Open Systems is a major advantage here, as he has deep knowledge of our specific setup. As part of the managed service, we are currently modernizing the environment together so that future updates – such as changes introduced by Microsoft – are applied automatically.

This approach also makes day-to-day management much easier. In the past, employees often found it confusing when different firewall rules applied at the office versus at home. By standardizing access through ZTNA, usability has improved significantly.

What do you value most about working with Open Systems?

Working with Open Systems is consistently efficient. When we need support, we receive solutions quickly – even in critical situations. I particularly appreciate that complex technical topics are explained clearly and in plain language. This makes collaboration very straightforward, especially for me as someone with a background in finance rather than IT. Even without deep technical expertise, I can easily manage and oversee all processes together with the Open Systems team.

What are your next steps in the Zero Trust journey?

At the moment, we do not have specific next steps defined. Over the past two to three years, we have already implemented a great deal. Our current focus is on consolidation. Once that is complete, we will evaluate which additional measures it makes sense to pursue.

Where do you see the next step in your network or security strategy?

Right now, we are looking closely at CASB (Cloud Access Security Broker) solutions. Our employees increasingly use online tools – such as PDF converters – and we want to either block these tools or at least control them more effectively. I expect this need to grow significantly as the use of AI continues to increase.

I am personally a strong advocate of AI and use it extensively. At the same time, this is where the challenge lies. AI applications can make systems more permeable in many ways. While you try to protect data, information often flows out in uncontrolled ways, which creates risks.

We have not yet identified the ideal solution. In many cases, you have to rely on the security standards of individual providers – much like many organizations do with Microsoft, assuming that “what Microsoft does will be ok.” With tools such as Perplexity combined with the new Comet browser, for example, it is difficult to understand exactly what data is being transmitted, making it harder to control sensitive information.

What advice would you give to other companies facing similar challenges?

I firmly believe that investing sufficiently in cybersecurity is always worthwhile. A single major incident can be enough for a small or mid-sized company to lose customer trust. That is why it is critical to invest in security early and consistently to minimize these risks.

Is there anything else about working with Open Systems you would like to highlight?

What stands out most is the 24×7 managed service, which provides a reliable point of contact at all times. Even on weekends, tickets are handled promptly if an issue arises.

At the same time, we benefit from a strong local presence. Not only product development and account management, but also many support staff are based in Switzerland or operate according to Swiss quality standards – and those standards are exceptionally high.