24/7
Vigilance and real-world implementation guidance to catch environment anomalies early
SoftwareOne case study
Optinova and SoftwareOne build a path to cybersecurity maturity
Optinova balances complex global manufacturing security demands through a flexible, phased maturity model with SoftwareOne.
As a global manufacturer of highly specialized medical and industrial tubing, Optinova operates in an environment where cybersecurity and operational continuity are critical. With a small but highly capable IT team, the company sought a practical way to improve its security posture without overwhelming internal resources or disrupting day-to-day operations.
Rather than pursuing a traditional outsourced security model, Optinova chose SoftwareOne's Managed Security Posture service, a collaborative approach focused on continuous improvement, measurable progress, and knowledge transfer. Together, the two organizations established a structured security roadmap that has enabled Optinova to strengthen its defenses, improve governance, and build cybersecurity maturity step by step.
Partnership
Shared collaboration structure via monthly technical changes and quarterly strategic reviews
Optimization
Licensing costs matched directly to the internal capacity to absorb technical change
- Client
- Optinova
- Industry
- Healthcare, Manufacturing
- Platform
- Azure Cloud
- Services
- Managed Security Posture
- Country
- Finland
Safeguarding vital global manufacturing infrastructure
Based in Åland, an island group between Finland and Sweden, Optinova is a global leader producing advanced tubing for industrial and medical sectors. The company manufactures a wide range of components across multiple treatment areas, making its operations vital to healthcare systems worldwide.
Group IT Manager Maria Sommarström views her role as much more than simply managing technical infrastructure; she regards it as a vital societal safeguard. "For me, security is very fulfilling,” she says. “I feel I am safeguarding Optinova itself and therefore also protecting our medical tubing that is so important for our society and the health of people all around the world.”
Optinova operates a compact but versatile IT organization. “I have a small team working with infrastructure, support and security,” Sommarström explains, “but we are very, very flexible and we work very broadly.”
By late 2024, Optinova recognized that its cybersecurity posture needed to evolve and evaluated several vendors to support it in its goals. Most proposals centered on fully managed Security Operations Center (SOC) services. “We understood we needed help, but wanted to go with a phased approach, where internal learnings accelerated as well as security.”
Sommarström describes why SoftwareOne’s Managed Security Posture stood out among the options. “When SoftwareOne explained its step-by-step, proactive approach, that resonated with us because we are a small team and we can only handle gradual change.”
Optinova had already worked with SoftwareOne as a Microsoft licensing partner and used consultants for projects such as setting up Intune, so it was a natural step to extend the relationship into a more structured security partnership.
A security partnership built around continuous improvement
SoftwareOne’s Managed Security Posture service is designed as an ongoing cybersecurity partnership. Built around the Microsoft security ecosystem, the service focuses on strengthening identity security, endpoint protection, email security, and device management.
Rather than imposing rigid policies, the Managed Security Posture team works collaboratively with customers as an advisory-led extension of its IT team.
“I feel that with SoftwareOne we get the support we need in an area that is very complex to manage,” says Sommarström.
SoftwareOne began by reviewing Optinova’s Microsoft environment across identities, endpoints, and applications. The team established a recurring governance structure that included monthly technical sessions and quarterly strategic reviews tied to measurable maturity scores.
“Every quarter we get a score and insight into how the changes that we made affected our maturity,” Sommarström explains. “The score to us is a tool to assess where we are and to measure our progress. It’s also good for reporting.”
The maturity model helps Optinova prioritize improvements without overwhelming its internal resources. Rather than delivering a large audit report with dozens of unresolved recommendations, SoftwareOne guides the company through manageable changes step by step.
Sommarström particularly values SoftwareOne’s way of framing recommendations. “I love the fact that it’s not about saying ‘You haven’t done this or this or this’. It’s, ‘Okay, how can we do this? Can we help you to perform this next step?’
“SoftwareOne walks us through anything we feel that we are unsure. I feel that they’re holding our hands all the time.”
When SoftwareOne explained its step-by-step, proactive approach, that resonated with us because we are a small team and we can only handle gradual change.
Group IT Manager, Optinova
Ready to strengthen your security posture?
Discover how our advisory-led, step-by-step Managed Security Posture service helps small IT teams make measurable cybersecurity gains without disrupting operations.
Ready to strengthen your security posture?
Discover how our advisory-led, step-by-step Managed Security Posture service helps small IT teams make measurable cybersecurity gains without disrupting operations.
One of the biggest advantages for Optinova has been SoftwareOne’s ability to apply lessons learned from other customer environments. Instead of relying solely on internal testing and trial-and-error, Optinova benefits from practical implementation guidance based on real-world experience. Sommarström cites an example.
“If we deploy new security settings to devices, they warn us in advance that some computers may fail because of a BIOS setting that needs to be adjusted first. That kind of practical guidance helps us prepare properly, solve dependencies in the right order, and avoid unnecessary disruption.”
SoftwareOne also helped Optinova implement phased rollouts using pilot groups before broader deployment, minimizing disruption to users and operations. “Those kinds of things have been helpful,” adds Sommarström.
Strengthening security through vigilance, flexibility, and shared expertise
Optinova’s operating environment adds unique cybersecurity challenges that are uncommon in traditional office-based organizations. Many employees work in clean-room manufacturing environments where standard authentication methods are not always practical.
“In clean rooms, you cannot easily bring your MFA device,” Sommarström explains. “So we have to have a lot of rules to cover for that.”
Over time, SoftwareOne developed a deep understanding of these operational constraints, allowing the service to become more tailored and effective.
Beyond technical configurations, the partnership delivers significant financial value through continuous license optimization. The step-by-step approach to licensing allowed the company to scale its security features in tandem with its actual capacity to absorb change, avoiding the common pitfall of over-purchasing features before an organization is ready to deploy them. “Because even if you buy the highest one right in the beginning, you might not be able to take advantage of all the things you get,” says Sommarström. “So, we’ve taken it step by step in consultation with SoftwareOne.”
Over time, the cooperation between Optinova and SoftwareOne has settled into a regular cadence. “We now have a really good structure. We have quarterly meetings that are more strategic and we have a monthly meeting where we do technical changes,” says Sommarström.
When changes are needed, execution is shared flexibly, she adds. “Sometimes we do it, sometimes they do it, sometimes we do it together. It really depends on what it is. But SoftwareOne always asks for permission when they do something. There’s always collaborative communication between us.”
SoftwareOne also helps by monitoring metrics and highlighting anomalies in Optinova’s Microsoft 365 environment. “They have measurement points where they gauge our progress and they are always alert to changes or anomalies that could pose a potential threat.
“If they become aware of anything like that, they raise it immediately for us to consider,” Sommarström adds. “Fortunately, we have had no significant incidents or breaches, but in security, you can never let your guard down. You have to be vigilant 24/7, and SoftwareOne really helps us stay alert.”
SoftwareOne walks us through anything we feel that we are unsure. I feel that they’re holding our hands all the time.
Group IT Manager, Optinova
Sommarström is passionate about her job. “I love what I do and am motivated every day to improve the security of Optinova’s products, research, and commercial operations. I also want my colleagues and everyone in my life to be mindful of cybersecurity, which – unfortunately – we can never take for granted.
“SoftwareOne’s Managed Security Posture service has helped us improve our security beyond what we could have achieved on our own. I am grateful for that and look to our ongoing joint efforts to protect all the great work we do at Optinova.”
SoftwareOne’s Managed Security Posture service has helped us improve our security beyond what we could have achieved on our own.
Group IT Manager, Optinova
More case studies
Connect with our experts
Share a few details about your business challenge, and we’ll get right back to you.
Connect with our experts
Share a few details about your business challenge, and we’ll get right back to you.