What wasn’t right with your current solutions at the time? Broadly two things: their inadequacy with the quantity of Security Assessments and with a limited Cyber-Risk Management culture in the firm. To conduct our Security Assessments, we started to use excel sheets that showed several drawbacks on the following needs: Regarding Risk and Action Plans acceptance, the simple use of emails didn’t allow us to implement the right workflows correctly and to monitor validations.
Why did you choose Phinasoft? First of all, for the quality of the team: we really appreciated their expertise, their agility and their availability all along. They gave us training and provided consulting resources, which is a real asset for busy security teams. Regarding the platform itself, its main assets are its adaptability, collaborativity and simplicity. We could implement into the platform our own methodologies, frameworks and workflows. And Phinasoft also adapts it to the evolutions of our needs over time with news features. Being able to log in with Single-sign-on is also a very valuable advantage along with Multi Factor Authentication. The platform is also filled with explanations that helps project leaders be autonomous when they answer the Security questions. Finally, Phinasoft’s technical roadmap was in line with our future projects, which made it a strong ally on the long run.
What are the results of the use of the platform? Risk Analyses (or Security Assessments) can now have their full impact on the organization thanks to the validation process supported by Phinasoft. IT and Business Managers now cannot ignore the identified risk and have to commit to apply the recommendations. The projects leaders really like that it’s user friendly and testify that it’s really useful to them. It helps build easily some documentation around our applications. It’s also useful to architect compliance or purchase teams. On the Security team side, Phinasoft brings us a global vision on all the projects and allows us to manage more easily the actions plans.