公司规模
Large Corporate
地区
- America
国家
- United States
产品
- NAVEX IRM
技术栈
- Risk Management Software
实施规模
- Enterprise-wide Deployment
影响指标
- Productivity Improvements
- Customer Satisfaction
技术
- 应用基础设施与中间件 - 数据交换与集成
适用行业
- Software
适用功能
- 商业运营
用例
- 监管合规监控
- 远程资产管理
服务
- 系统集成
关于客户
The customer is a high-growth software company based in Portland, Oregon. They build a popular enterprise communication solution for employee collaboration. As the company grew, it faced increasing regulatory requirements from new industries such as healthcare and finance, geographic data privacy laws, and various requirements for third-party vendor relationships. The company's existing risk management processes, which relied heavily on spreadsheets, emails, shared drives, local drives, and even print-outs, were proving inadequate. The company had no central repository for risk management data, and the information security manager was struggling to manually find and track all this information. The company needed a more efficient and effective way to manage risk, track audit requests, align their responses to regulatory requirements, demonstrate compliance, and protect customer data.
挑战
The software company, based in Portland, Oregon, was facing a growing challenge in tracking and responding to risks posed by customer data collection. As the company grew, it faced increasing regulatory requirements from new industries such as healthcare and finance, geographic data privacy laws, and various requirements for third-party vendor relationships. The company's existing risk management processes, which relied heavily on spreadsheets, emails, shared drives, local drives, and even print-outs, were proving inadequate. The company had no central repository for risk management data, and the information security manager was struggling to manually find and track all this information. The company needed a more efficient and effective way to manage risk, track audit requests, align their responses to regulatory requirements, demonstrate compliance, and protect customer data.
解决方案
The company chose NAVEX IRM from NAVEX to formalize and speed up their customer audit program, while at the same time ensuring compliance and third-party due diligence. NAVEX IRM helped the software company manage and respond to the influx of customer audits by centralizing all risk data and documentation, significantly reducing the time and effort to find requested information. The company was also able to formalize a third-party risk management program, automatically issuing comprehensive risk assessments to all third parties. Answers were automatically weighted and scored to provide instant visibility into high-risk vendors. In addition to solving headaches related to customer audits, the software company was able to orchestrate a multiregulation compliance program to track and manage compliance efforts required by their customers. They were also able to use the platform to maintain their ISO 27001 certification and SOC II compliance.
运营影响
数量效益
Case Study missing?
Start adding your own!
Register with your work email and create a new case study profile for your business.
相关案例.
Case Study
Infosys achieves a 5–7 percent effort reduction across projects
Infosys, a global leader in consulting, technology, and outsourcing solutions, was facing significant challenges in application development and maintenance due to its distributed teams, changing business priorities and the need to stay in alignment with customer needs. The company used a mix of open source, home-grown and third-party applications to support application development projects. However, challenges resulting from distributed teams using manual processes increased as the company grew. It became more and more important for Infosys to execute its projects efficiently, so they could improve quality, reduce defects and minimize delays.
Case Study
Arctic Wolf Envelops Teamworks with 24x7 Cybersecurity Protection and Comprehensive Visibility
Teamworks, a leading athlete engagement platform, faced rising cyberthreats and needed enhanced visibility into its network, servers, and laptops. With software developers connecting from all over the world, the company sought to improve its security posture and position itself for future growth. The company had a secure platform but recognized the need for a more proactive solution to identify gaps within its technology infrastructure. Data exfiltration and malicious access were top concerns, prompting the need for a comprehensive security upgrade.
Case Study
Sawback IT and Datto Save Client From a Costly Mistake
Ballistic Echo, a software development house, faced a critical challenge when human error led to the deletion of thousands of lines of unique code. This incident occurred before the code was pushed to source control, resulting in significant loss of time, revenue, and work. The previous file-level backup solution they used was slow and inefficient, making it nearly impossible to manually recreate the lost work. The need for a more reliable and efficient business continuity solution became evident to avoid such disasters in the future.
Case Study
Opal Helps Customers Shine Thanks to Datto
SP Flooring & Design Center faced a ransomware attack that encrypted and locked their files. The attack was initiated through a compromised service account set up by an outside vendor. The ransomware infection was isolated quickly, but there was a concern about the extent of the data at risk. The company had backups in place but was unsure of how much information was compromised. The situation required immediate action to prevent further damage and restore the affected data.
Case Study
Zapier Aggregates Multiple Analytics in a Single Dashboard with the New Relic Platform
Zapier, a company that enables non-technical users to push data between hundreds of web applications, was facing a challenge in automating and provisioning servers for optimal performance. The company's environment consisted of 50 Linux servers on the Amazon Elastic Compute Cloud (EC2), a Django application split across several servers, and a backend consisting of a dynamic number of celery task workers fed by messages published to a RabbitMQ cluster. They also maintained a number of internal web services on nginx in front of Gunicorn and Node.js processes. Redis handled simple key and value stores, with logging handled by Graylog2 and ElasticSearch. However, they realized that no level of automation would be sufficient without an effective monitoring solution in place. They needed a tool that could provide immediate alerts when something was breaking and could be easily implemented into their environment.
Case Study
Pipeline Insight Case Study: YARCDATA
YarcData faced challenges in determining the conversion rates of prospects into customers through various marketing efforts and identifying the source of its leads. They wanted to know the percentage of opportunities in the sales pipeline that came from different marketing events, web downloads, or self-sourced sales opportunities. Additionally, they needed the ability to drill down into the data to guide where to allocate more marketing dollars based on the success of previous efforts. Previously, YarcData relied heavily on spreadsheets and Salesforce.com reports, which made it difficult to extract the exact information they needed. This reliance on spreadsheets represented about 70% of their data presentation.