Case Study

Glance Networks Found a Compliance Solution That Supports Its Growth Plan

Outreach

Frameworks

ISO 27001

//

PCI DSS

Outreach

Glance Networks provides enterprise visual engagement technology that empowers knowledge workers to join customers in their app or website, see their screen, offer guidance and consultation, and shepherd digital transactions through to completion.

Enterprises that use Glance see increased revenue, higher transaction conversion, improved customer satisfaction, long-term customer loyalty, and higher service efficiency. Glance has more than 3,000 customers in industries like financial services, healthcare, government, retail, travel and leisure, and technology. Glance integrates with their clients’ critical business systems including Saleseforce, ServiceNow, and DocuTech via API or prepackaged integration.

Product Used: Compliance Operations Module

Quick Facts: Computer Software // Wakefield, MA, USA

The Challenge

Since Glance provides solutions that improve digital customer engagement, the company has seen an uptick in demand for its solutions as COVID-19 made face-to-face in-person customer engagement more challenging. With the growth in new business in the U.S. and across Europe, the need to demonstrate compliance has risen as well. Although Glance hasn’t needed a full-time compliance officer on staff to date, there is a growing need in the company to maintain information security, protect sensitive customer data, and maintain compliance certifications such as PCI and ISO 27001.

To stay on top of its infosec compliance obligations, Glance Networks created the ISO 27001 Council, an internal council composed of stakeholders from Engineering, HR, Customer Success and Operations to manage the organization’s ISO 27001-related work. Byron Thomas, Solutions Architect and ISMS Manager, is a leader within the ISO 27001 Council. Thomas and the ISO 27001 Council also work closely with Vigilant Systems — a compliance consultancy based in Oregon — on an ongoing basis to evolve and improve the company’s infosec compliance program.

Quote Sign
We wanted a compliance platform that helps us reduce the manual work required to maintain and manage our compliance program

Byron Thomas

Solutions Architect and ISMS Manager // Glance Networks

Byron Thomas

What Glance Networks Needs From Compliance Software

According to Thomas, having a single repository for all things compliance isn’t just a nice-to-have, it’s mission critical.

Quote Sign
ISO compliance is critical to our business because our clients demand that we comply with the most rigorous data security and privacy standards. Mistakes in compliance can stall or terminate a sales engagement and can be expensive to fix. As such, you don’t want one individual to be the only source of information about your compliance program. Instead, you want multiple people to have access to the same information, so people can check each other’s work. Hyperproof provides the ability for multiple stakeholders to double-check each other’s work, so we can maintain a compliant posture consistently.

Byron Thomas

Solutions Architect and ISMS Manager // Glance Networks

Byron Thomas

Additionally, having a single source of information is key for preserving valuable compliance-related knowledge when there’s a change in personnel.

“If I was out of office for a month and someone had to fill in, it would be a tremendous effort for that individual to get up-to-speed if we didn’t have a compliance platform in place. Having Hyperproof in place makes the learning curve easier,” says Thomas.

Why Hyperproof

Manage Compliance Programs Efficiently

Thomas and the other members of the ISO 27001 Council all have other responsibilities outside of compliance. They needed a tool to help them manage their compliance processes as efficiently as possible.

Before Glance purchased Hyperproof, ISO 27001-related compliance work was done manually, in an ad hoc way. “It was a challenge to manually manage the workflow. We would corral stakeholders whenever we needed to collect evidence for the ISO 27001 audit, disrupting their other projects,” says Thomas.

Within Hyperproof, the ISO 27001 council was able to establish structured workflows to collect and organize evidence from stakeholders. This translated to a 30 percent reduction in time spent on ISO 27001-related compliance processes by council members.

“I think the Audit Dashboard in Hyperproof is great. You can see at a glance where you are, where progress is being made. For instance, as our auditor was reviewing things in the Request section of the audit, we could see a double green check mark next to the items he has reviewed,” says Thomas.

In addition, Thomas found that even the auditor was impressed by Hyperproof’s ability to link evidence to controls.

Glance Networks reduced time spent on ISO 27001 related compliance processes by:
30%

“I like how easy it is in Hyperproof to associate the right proof with each document request — so our auditor knows where to go to review things. Even if something is missing, I can quickly add an additional piece of proof as my auditor and I are having a discussion. Our auditor was impressed with Hyperproof!”.

The Right Capabilities

The compliance team also wanted an easier way to provide their management team a view of what’s going on without having to create reports manually or write lengthy emails.

Byron evaluated several different compliance solutions. He chose Hyperproof because he felt that it included all the product capabilities the company needed and great customer support and training, and because it was far more cost-effective than other solutions.

Thomas also noted that Hyperproof helped minimize the time the compliance team spends communicating with internal stakeholders.

Quote Sign
Other tools were priced much higher than Hyperproof; yet we didn’t see additional benefits. When you add in the cost of the audit, the cost of expanding to other compliance frameworks, the total cost of compliance goes up quickly. We looked at what’s actually needed and saw that Hyperproof checked off all the points

Byron Thomas

Solutions Architect and ISMS Manager // Glance Networks

Byron Thomas

“It’s not easy to communicate compliance-related work requests to stakeholders who don’t have a background in this domain. It’s a challenge to write an email to our stakeholders about how we’re doing in the ISO 27001 process, make it educational, concise, and translate jargon from the ISO 27001 framework into language others can understand,” says Byron.

“Now, I can simply provide stakeholders with access to Hyperproof, ask them questions or make requests for them to update information directly within the tool. I can set up auto-reminders to remind people to get things done. Hyperproof keeps track of all updates for me: I can see who has replied to my questions, and whether people have updated things or not. This makes my life easier!”.

Cost Effectiveness

“Other tools were priced much higher than Hyperproof; yet we didn’t see additional benefits. When you add in the cost of the audit, the cost of expanding to other compliance frameworks, the total cost of compliance goes up quickly. We looked at what’s actually needed and saw that Hyperproof checked off all the points,” says Thomas.

Download Case Study

Conclusion

With Hyperproof, Glance Networks was able to create a single source of truth for compliance and automated routine, repetitive work, steamlining workflows and reducing work for teams across the organization.

To see the Hyperproof platform in action, schedule a demo with our team today. Related: Guide to ISO 27001