2020 was undoubtedly a shock to the system, shaking up everyone’s personal and business life. At Ostendio we transitioned quickly to a work-from-home environment for all employees. On the plus side, some of us have found that we are significantly more productive working at home. Anyone that commutes around the D.C. area understands the time saver of no commute, even with those added midday dog walks. Our brainstorming meetings in the office have morphed into virtual whiteboard sessions on Slack or Zoom. As we look forward to closing the door on the year that was 2020, our fundamentals remain unchanged. We’re continuing to listen to our customers, make improvements to the Ostendio MyVCM platform and guide customers through security audits, all with our core values in mind.
New milestones and platform features in 2020
The Ostendio MyVCM platform hit an important milestone of over 70,000 user activities a month this year. These monthly activities reflect our customers’ work to protect sensitive information, manage their risk and work towards compliance with the over 100 regulations and standards globally.
2020 has seen an increased focus from organizations on the completion of complex audits such as SOC 2 or HITRUST and work towards regulations like HIPAA, GDPR and CCPA. With so many employees now working remotely, the challenge has been to stay in step with changes in reporting information security or procedural changes.
Unfortunately, even with the attention organizations place on information security, over 59% of breaches happen due to third party vendors. To help companies prevent these breaches, we introduced MyVCM Vendor Connect. This new functionality enables companies to require their vendors to create and maintain online records of their security and compliance readiness.
Let’s face it - completing a security audit is time consuming, complex and requires multiple information requests from auditors. Ostendio MyVCM customers can now interact with their auditor via the new MyVCM Auditor Connect. Customers can communicate with their auditor directly within the platform during the audit process to discuss evidence and document requests. It is an innovative leap forward that makes the whole audit process easier to manage than the traditional exchanging of spreadsheets and documents via email. Five new audit partners: A-Lign, Maloney + Novotny, Drummond Group, Hutchinson and Bloodgood and DGC are now online and Ostendio MyVCM customers can interact directly with these auditors on the Ostendio MyVCM platform whether they are selecting an audit partner or collaborating on a security audit.
And the winner is…
What’s a year without an award show? The pandemic didn’t stop the Emmy Awards and it definitely didn’t hold us back. Ostendio was a Timmy Awards nominee in two categories - Best Tech Work Culture and Best Tech Manager in DC. We also received recognition from Washington Business Journal as a “Best Places to Work 2020 ” company and Ostendio customers recognized our team with a Software Advice “Best Customer Service” award.
2021 outlook: regulations and standards hold increasing importance
Following the changes in regulations around data privacy, protection and security is essential for any business. The importance of managing remote workers and their access to your company information in line with these regulations has become even more important in light of the past year. Companies will continue to focus on CCPA and GDPR but without a doubt, 2021 will see an increased interest in bolstering the privacy rights of individuals in more US states.
If you haven’t heard of SOC 2 audits, HITRUST or NIST then it is time to invest in your data security program and learn more. 2021 will have an increased emphasis on demonstrating your security program to proven standards. Hackers and bad actors will continue to take advantage of companies with poor security. They are constantly innovating to find new ways to steal sensitive data. Companies need to stay one step ahead and while holding a security certification can’t prevent the hackers attacking your company, it will help you know when it is happening and how to quickly react to reduce any damage caused.
Not sure where to start? Consider these three steps:
As we head into 2021, I suggest any busy CISO takes the time to do these 3 simple things:
Review your employee processes and procedures
Audit your vendors
Seek expert help.
Once you have a firm grasp of where your organization sits relevant to the compliance regulations, risks, and your own goals for information security - you can begin building a strategy to keep your company and customer data safe.
What’s in store for the Ostendio MyVCM platform?
We love reading the feedback from our customers to our Customer Success team. We are always hard at work to make improvements to the platform and 2021 will have more updates and features to support our customers - and we’ll be implementing some of the most frequently requested improvements. Here’s what’s coming in 2021:
- Risk Management: Ostendio plans to launch its brand new module
- New UI: We are giving Ostendio MyVCM an extreme makeover to make it even easier to navigate
- MyVCM Trust Network: New auditor partners are in the process of joining giving you more choice
- MyVCM Certification program: Thanks to all the requests from customers, we are rolling out an existing new program in 2021 and will be offering new certifications to our customers.
Goodbye, 2020! In these challenging times we appreciate all our customers, partners, team members, and others that give us the ability to do what we love even more.
Want to share your information security goals for 2021 or an Ostendio development wish-list? Send us an email here.
Not sure where to start?
The NIST Guide can help. We can also provide you with a free copy of Ostendio’s password policy, as an example. Just contact us at firstname.lastname@example.org.
What do customers say?
Read reviews on Capterra from Ostendio customers who have prepared for and completed audits, including SOC 2.