Ostendio Helps Sourcepass Clients Reduce InfoSec Time Management by 50%

The Challenge

Sourcepass clients were overwhelmed by compliance requirements and bogged down with inefficiencies. The challenge was to address these inefficiencies while giving clients access to a more eloquent and comprehensive solution to help them reach their compliance goals.

Initially, Sourcepass Senior Cyber Risk Advisor James Reichle created a process for clients to follow by leveraging the all too common, labor-intensive practice of using spreadsheets, phone calls, voicemail, and email to track security details.

“We built an ad hoc process that was 90% built in Excel,” Reichle said. “We were running people through that and asking people questions manually on the phone and sending them copies of spreadsheets.”

Without a systematic process or solution to optimize operational and security activity, Reichle found that clients were not capable of achieving their compliance goals in a timely fashion. Moreover, this manual system made the compliance process more expensive as clients spent extensive time and money using cumbersome, disparate repositories for Word, Excel, PDF, and image files; Sourcepass’ compliance management approach needed improvement.

Challenges faced included:

Finding a solution that would scale with clients and integrate with accepted security frameworks.
Avoid losing time and productivity while trying to maintain compliance by having to manually populate spreadsheets.
Eliminate inconsistencies in compliance efforts that set efforts back due to a lack of clarity and understanding of compliance requirements.
Lacked the capability to demonstrate progress towards compliance goals in real-time while reducing the risks of continued non-compliance.

Sourcepass’ regulatory-intensive clients needed a better way, prompting the partnership with Ostendio.

“We built an ad hoc process that was 90% built in Excel. We were running people through that and asking people questions manually on the phone and sending them copies of spreadsheets.”

- James Reichle, Senior Cyber Risk Advisor, Sourcepass

The Solution

Sourcepass began by implementing Ostendio for several clients struggling with their compliance process. Supported by world-class data-driven reporting and dashboard features, the Ostendio platform made it possible for businesses to speed up data management and decision-making processes, resulting in time savings of up to 50%.

Sourcepass now uses the Ostendio platform to manage security and compliance programs for dozens of clients. The platform enables Sourcepass clients to manage risk registries with recurring tasks like assessments, gap analyses, continuous training, update document approvals, and acknowledgments, efficiently keeping policies and procedures current inside a centralized document management module.

The Result

Sourcepass used Ostendio to increase productivity by replacing inefficient manual processes with an integrated security and risk management platform that powers assessments, gap analyses, and enhanced security task and compliance management.

“Ostendio presents things in a more positive light, where [clients] see progress actually occurring,” Reichle said. Rather than sending massive spreadsheets, Reichle now meets with clients using a shared instance of their Ostendio account to demonstrate their progress toward compliance and easily identifying the remaining action items needed using custom dashboards and reports.

“Using the task module has been far more effective at getting people to make timely changes, rather than handing them a table and Word document,” Reichle said.

Reichle also says Ostendio helps Sourcepass educate its clients on the importance of thinking of their security and risk management programs as a continuous need. By leveraging the Ostendio platform and demonstrating to clients how to effectively manage a security program through its interface, Sourcepass has found an ideal solution to a series of vexing problems for highly regulated businesses in many industries.

About Sourcepass

Sourcepass provides an IT experience that clients love by providing expert IT services designed to elevate their business. Providing business technology solutions for small and medium-size businesses and organizations, our specialties include consulting, cloud computing, cybersecurity services, website and application development, network design and infrastructure, managed services, professional services, email services, unified communications, mobile device management, storage solutions, network security, and emerging IT business solutions.

Case Study