Major Social Game Developer Embraces Integrated Risk Management and New Risk Culture
Product
- NAVEX IRM
Tech Stack
- Integrated Risk Management
Implementation Scale
- Enterprise-wide Deployment
Impact Metrics
- Productivity Improvements
- Cost Savings
Technology Category
- Application Infrastructure & Middleware - API Integration & Management
Applicable Industries
- Software
Applicable Functions
- Business Operation
Use Cases
- Cybersecurity
- Regulatory Compliance Monitoring
Services
- System Integration
About The Customer
The customer is a high-profile social game developer that creates popular mobile games enjoyed by millions. The company was growing fast and leveling up, but it was not a skilled player at managing risk and complying with regulations. They were still using spreadsheets, word-processing, email, and an Intranet site for governance, risk management, and compliance. As a result, the company couldn’t see vulnerabilities and the risks posed by them. Asset inventory audits took months to reconcile. Onboarding new vendors took four weeks. Even convincing employees to acknowledge company policies, like acceptable use, was a Herculean effort.
The Challenge
The social game developer was facing challenges in managing cyber risk, compliance, and audits due to inadequate processes. They were using spreadsheets, word-processing, email, and an Intranet site for governance, risk management, and compliance. As a result, the company couldn’t see vulnerabilities and the risks posed by them. Asset inventory audits took months to reconcile. Onboarding new vendors took four weeks. Even convincing employees to acknowledge company policies, like acceptable use, was a Herculean effort. The company needed a senior analyst to lead its nascent program, as well as invest in a technology platform that could streamline cyber risk, compliance, and audit management activities while supporting game development.
The Solution
The social game developer selected NAVEX’s GRC platform, IRM to create a new IT and cyber risk program. The goals of the program were to get a bird’s-eye view of vulnerabilities, risks, audits, and policies, address employee challenges, like version control, understand and control the vendor lifecycle, make audits faster and less painful, and help employees understand their responsibilities as risk stakeholders. NAVEX IRM’s integrated risk management capabilities address eight business use cases: Compliance and policy management, Vendor risk management, IT risk management, Continuous monitoring, Business continuity management, Operational risk management, Audit management, Health and safety management.
Operational Impact
Quantitative Benefit
Case Study missing?
Start adding your own!
Register with your work email and create a new case study profile for your business.
Related Case Studies.
Case Study
Infosys achieves a 5–7 percent effort reduction across projects
Infosys, a global leader in consulting, technology, and outsourcing solutions, was facing significant challenges in application development and maintenance due to its distributed teams, changing business priorities and the need to stay in alignment with customer needs. The company used a mix of open source, home-grown and third-party applications to support application development projects. However, challenges resulting from distributed teams using manual processes increased as the company grew. It became more and more important for Infosys to execute its projects efficiently, so they could improve quality, reduce defects and minimize delays.
Case Study
Arctic Wolf Envelops Teamworks with 24x7 Cybersecurity Protection and Comprehensive Visibility
Teamworks, a leading athlete engagement platform, faced rising cyberthreats and needed enhanced visibility into its network, servers, and laptops. With software developers connecting from all over the world, the company sought to improve its security posture and position itself for future growth. The company had a secure platform but recognized the need for a more proactive solution to identify gaps within its technology infrastructure. Data exfiltration and malicious access were top concerns, prompting the need for a comprehensive security upgrade.
Case Study
Sawback IT and Datto Save Client From a Costly Mistake
Ballistic Echo, a software development house, faced a critical challenge when human error led to the deletion of thousands of lines of unique code. This incident occurred before the code was pushed to source control, resulting in significant loss of time, revenue, and work. The previous file-level backup solution they used was slow and inefficient, making it nearly impossible to manually recreate the lost work. The need for a more reliable and efficient business continuity solution became evident to avoid such disasters in the future.
Case Study
Opal Helps Customers Shine Thanks to Datto
SP Flooring & Design Center faced a ransomware attack that encrypted and locked their files. The attack was initiated through a compromised service account set up by an outside vendor. The ransomware infection was isolated quickly, but there was a concern about the extent of the data at risk. The company had backups in place but was unsure of how much information was compromised. The situation required immediate action to prevent further damage and restore the affected data.
Case Study
Zapier Aggregates Multiple Analytics in a Single Dashboard with the New Relic Platform
Zapier, a company that enables non-technical users to push data between hundreds of web applications, was facing a challenge in automating and provisioning servers for optimal performance. The company's environment consisted of 50 Linux servers on the Amazon Elastic Compute Cloud (EC2), a Django application split across several servers, and a backend consisting of a dynamic number of celery task workers fed by messages published to a RabbitMQ cluster. They also maintained a number of internal web services on nginx in front of Gunicorn and Node.js processes. Redis handled simple key and value stores, with logging handled by Graylog2 and ElasticSearch. However, they realized that no level of automation would be sufficient without an effective monitoring solution in place. They needed a tool that could provide immediate alerts when something was breaking and could be easily implemented into their environment.
Case Study
Pipeline Insight Case Study: YARCDATA
YarcData faced challenges in determining the conversion rates of prospects into customers through various marketing efforts and identifying the source of its leads. They wanted to know the percentage of opportunities in the sales pipeline that came from different marketing events, web downloads, or self-sourced sales opportunities. Additionally, they needed the ability to drill down into the data to guide where to allocate more marketing dollars based on the success of previous efforts. Previously, YarcData relied heavily on spreadsheets and Salesforce.com reports, which made it difficult to extract the exact information they needed. This reliance on spreadsheets represented about 70% of their data presentation.
