Glance Networks Found a Compliance Solution That Supports Its Growth Plan
Wakefield, MA, USA
- ISO 27001
- PCI DSS
- Compliance operations module
Glance Networks provides enterprise visual engagement technology that empowers knowledge workers to join customers in their app or website, see their screen, offer guidance and consultation, and shepherd digital transactions through to completion.
Enterprises that use Glance see increased revenue, higher transaction conversion, improved customer satisfaction, long-term customer loyalty, and higher service efficiency. Glance has more than 3,000 customers in industries like financial services, healthcare, government, retail, travel and leisure, and technology. Glance integrates with their clients’ critical business systems including Saleseforce, ServiceNow, and DocuTech via API or prepackaged integration.
Since Glance provides solutions that improve digital customer engagement, the company has seen an uptick in demand for its solutions as COVID-19 made face-to-face in-person customer engagement more challenging. With the growth in new business in the U.S. and across Europe, the need to demonstrate compliance has risen as well. Although Glance hasn't needed a full-time compliance officer on staff to date, there is a growing need in the company to maintain information security, protect sensitive customer data, and maintain compliance certifications such as PCI and ISO 27001.
To stay on top of its infosec compliance obligations, Glance Networks created the ISO 27001 Council, an internal council composed of stakeholders from Engineering, HR, Customer Success and Operations to manage the organization’s ISO 27001-related work. Byron Thomas, Solutions Architect and ISMS Manager, is a leader within the ISO 27001 Council. Thomas and the ISO 27001 Council also work closely with Vigilant Systems — a compliance consultancy based in Oregon — on an ongoing basis to evolve and improve the company’s infosec compliance program.
“We wanted a compliance platform that helps us reduce the manual work required to maintain and manage our compliance program,” says Thomas.
By using Hyperproof, Glance Networks achieved the following results:
Reduced by 30% the amount of time spent on ISO 27001-related compliance processes by council members.
- Minimized the time the compliance team spends communicating with internal stakeholders.
- Maintain compliant posture consistently with ease for multiple stakeholders to double-check each other’s work.
- Preserve valuable compliance-related knowledge using Hyperproof as a single source of information.
What Glance Networks Needs From Compliance Software
According to Thomas, having a single repository for all things compliance isn’t just a nice-to-have, it’s mission critical.
Solutions Architect and ISMS Manager
Additionally, having a single source of information is key for preserving valuable compliance-related knowledge when there’s a change in personnel.
“If I was out of office for a month and someone had to fill in, it would be a tremendous effort for that individual to get up-to-speed if we didn’t have a compliance platform in place. Having Hyperproof in place makes the learning curve easier,” says Thomas.
1. Manage Compliance Programs Efficiently
Thomas and the other members of the ISO 27001 Council all have other responsibilities outside of compliance. They needed a tool to help them manage their compliance processes as efficiently as possible.
Before Glance purchased Hyperproof, ISO 27001-related compliance work was done manually, in an ad hoc way. “It was a challenge to manually manage the workflow. We would corral stakeholders whenever we needed to collect evidence for the ISO 27001 audit, disrupting their other projects,” says Thomas.
Within Hyperproof, the ISO 27001 council was able to establish structured workflows to collect and organize evidence from stakeholders. This translated to a 30 percent reduction in time spent on ISO 27001-related compliance processes by council members.
Glance Networks reduced time spent on ISO 27001 related compliance processes by:
“I think the Audit Dashboard in Hyperproof is great. You can see at a glance where you are, where progress is being made. For instance, as our auditor was reviewing things in the Request section of the audit, we could see a double green check mark next to the items he has reviewed,” says Thomas.
In addition, Thomas found that even the auditor was impressed by Hyperproof’s ability to link evidence to controls.
“I like how easy it is in Hyperproof to associate the right proof with each document request — so our auditor knows where to go to review things. Even if something is missing, I can quickly add an additional piece of proof as my auditor and I are having a discussion. Our auditor was impressed with Hyperproof!”.
2. The Right Capabilities
The compliance team also wanted an easier way to provide their management team a view of what’s going on without having to create reports manually or write lengthy emails.
Byron evaluated several different compliance solutions. He chose Hyperproof because he felt that it included all the product capabilities the company needed and great customer support and training, and because it was far more cost-effective than other solutions.
Thomas also noted that Hyperproof helped minimize the time the compliance team spends communicating with internal stakeholders.
“It’s not easy to communicate compliance-related work requests to stakeholders who don’t have a background in this domain. It’s a challenge to write an email to our stakeholders about how we’re doing in the ISO 27001 process, make it educational, concise, and translate jargon from the ISO 27001 framework into language others can understand,” says Byron.
“Now, I can simply provide stakeholders with access to Hyperproof, ask them questions or make requests for them to update information directly within the tool. I can set up auto-reminders to remind people to get things done. Hyperproof keeps track of all updates for me: I can see who has replied to my questions, and whether people have updated things or not. This makes my life easier!”.
3. Cost Effectiveness
“Other tools were priced much higher than Hyperproof; yet we didn’t see additional benefits. When you add in the cost of the audit, the cost of expanding to other compliance frameworks, the total cost of compliance goes up quickly. We looked at what’s actually needed and saw that Hyperproof checked off all the points,” says Thomas.