Brainwave GRC is happy to share this recent exchange with one of our key customers who sings the praises of moving from a manual access review process to a fully automated solution with Brainwave GRC. This article details the company’s experience with added feedback that will enlighten new users about the benefits of implementing automated user access reviews.
Background
We are a marketing data services and technology company whose clients are Fortune 100 companies around the globe that want to improve their marketing efforts. We help them do that by connecting people to brands that they love. One of our key differentiators in the industry is data stewardship, and we take it very seriously. One of the things we wanted to solve for with Brainwave GRC is creating a 360-degree view of users. That means identifying who the person is and to which layer of the IT stack he or she has access, meaning operating systems, databases, applications, cloud applications, network access, or any other type of access. We want to tie it all back to one identity, one person that we know we trust with the most important resource that we have: our data.
Improved User Experience
In addition, we needed to automate, modernize and improve our security by adopting a platform that is scalable. We were looking for a solution that would deliver a better user interface for our users and make the certification campaigns and the audit reviews more efficient and effective. Additionally, we wanted to bridge some gaps that we had, including in remediation.
In the past, remediation was a disconnected process, and because of that disconnection, sometimes it did not happen at all. With Brainwave GRC, integration with ticketing systems is done out-of-the-box and helps us bridge that gap.
We have clients across all verticals whether they be in the insurance, credit card, automotive or other industries. For each one, there may be regulations that we have to comply with, all of intended to increase security. One of the things that we wanted to do was to deliver out-of-the-box compliance for each one of these verticals by including better analytics and security features that come with the compliance review, while, at the same time, gaining the missing remediation piece.
Moving Away from Manual Processes
Our company has been doing compliance and audit for as long as it has been in business. However, we had a manual process and a homegrown tool that was really being pushed to its limits. We started looking for something more industrial grade, a commercial, off-the-shelf tool, and began researching different vendors. One thing that we needed to decide early on was whether to choose a full suite for identity and access or a best-of-breed solution. We decided to go for the latter in order to take advantage of better user experience as well as the analytics piece in order to increase the security integrations out-of-the-box.
Additionally, we were looking for something that could be quickly deployed and that allowed us to partner with a vendor and get the early wins. It was important to be able to put the platform immediately in front of the decision makers and business partners and to do the reviews, giving them the ability to improve upon the platform. All this we found with Brainwave GRC.
We were deploying this service on premise, and the process was very quick. We had to have the infrastructure in place, but in a period of about three months, we had the product ready to go, including being able to do the initial certification. We were aligned with the existing tool and could continue using it while working in parallel by overlapping it with the implementation of Brainwave GRC to ensure compliance across the board.
In all the years that we have been doing compliance, we have used many manual processes, and by that we are referring to using Excel, several databases, pivot tables and V-Lookups, all using SQL and stored procedures. This manual process was very lengthy and took time away from other things. We became Excel experts instead of business partners. The advantage of going with the Brainwave GRC solution is being able to let the product do all the heavy lifting and replace the manual processes with automation and integration while having the ability to build upon that platform.
One of the out-of-the-box benefits that was key for us was being able to create an initial report for one of the account teams that had requested it and then being able to export the same report to everybody right away. Other account teams who were not aware of this possibility immediately saw the value in it. It has been a great benefit.
Targeting the Needs of the Business Teams
Transitioning from a technical process to a business process is a key advantage. Instead of working to meet compliance as a checkbox, the value goes beyond just delivering that compliance. We have become partners with the business teams, we understand their needs, and we help them deliver a 360-degree view of accesses in order to meet what is most important to us: our clients’ data as well as our own. The client teams want to deliver the data stewardship that makes us a differentiator in the market, and we want to help them do that because that is what a partner does. In summary, this is what we have seen with the Brainwave solution.
We are a culture of innovation. We move very fast, and we deliver great things for our clients, our partners but also for our employees. Being able to replace a homegrown product with something that has a better user interface, incorporates analytics and is a best-of-breed solution has been a big win for us. What we ultimately are going to achieve with this tool is the 360- degree view that is so important for our clients and makes us a differentiator and a leader in our industry.
We are very happy with Brainwave GRC.
