ISO 27001 Certification
Executive Sponsor: Joan Ross, Chief Security Officer, DocuSign
Project Team: CSO plus cross-divisional team members from Engineering, Operations, QA, Legal, Customer Service and HR
Location: Seattle, San Francisco, London, Dallas, Tukwila, and Cebu
Distinguish DocuSign by obtaining ISO 27001 certification from the prestigious BSI Group for the purpose of establishing, implementing, and maintaining an information security management system (ISMS) across all active DocuSign premises. This served to increase customer confidence and sales while continuously driving and improving security management, processes, and methodologies across the entire corporate business and cloud-based electronic signature service.
Securing Application Layer
Executive Sponsor: Aaron Weaver
Location: Centennial, CO
Given eCollege’s always on SaaS platform and the critical importance of securing customer data, eCollege invested in building out a programmatic and comprehensive approach to application layer. eCollege has taken a defense in depth approach to the application layer focusing on Web Application Firewall, dynamic scanning technologies, vulnerability assessments and manual penetration testing. Additionally, eCollege is integrating and automating application security early into the Software Development Lifecycle to find and remediate security vulnerabilities early in the development process. Combined with security awareness and secure coding sessions this program has improved the security posture of the organization.
Khosla Ventures Hacking Exposure
Executive Sponsor: David Baca, Vice President – IT, Khosla Ventures
Project Team: Billy Rios, Aaron Bryson, Terry McCorkle, Derek Soeder and Eric Cornelius
Location: Menlo Park, CA
Even the more secure organizations are highly exposed to hackers. Khosla Ventures agreed to permit a complete Presponse Security Health Check on its organization and publish the results to the public to demonstrate how companies are vulnerable to social, cyber and physical threats today. For a $2.5Billion and high intellectual property organization, security is paramount to its survival and success. Cylance, Inc. performed the security assessment and found that even with greater than average security infrastructure, the door to the organization was wide open – literally!
ISO 27001 Implementation and Certification Project
Executive Sponsor: Steven Salaets, Vice President, Global HR, Security, Risk & Compliance, Rimini Street
Project Team:Pat Shell, Gabe Dimeglio, Chris Galzote, Joe Dones, and cross-functional team members from Service Delivery, Product Development, QA, Client Care & Success, Marketing, Sales, Legal, HR and IT.
Location: Worldwide - APAC / EMEA / US
Over the past 12 months Rimini Street implemented and certified its Information Security Management System against the ISO 27001 standard. ISO 27001 is a standard that guarantees that effective information Security controls are in place to prevent and defend the company and its clients against information security incidents. It also ensures that 133 implemented security controls continue to meet security needs on an ongoing basis. This certification provides the assurance and confidence that our clients and business partners require when entrusting their systems and data to Rimini Street.
Sutter Health Endpoint Encryption Project
Executive Sponsor: Jeff Trudeau, Information Security Officer, Sutter Health
Project Team: Jeff Trudeau, Kant Deemark, Jason Elrod and Mark Bristow
Deploy an encryption solution to all endpoint devices including laptops, desktops and tablets, to protect against the loss of confidential information in the event of a lost or stolen device. Phase II of the project also enabled encryption on the USB ports of these devices. Any data copied off a device onto a USB or external media drive would require encryption. Provide a FIPS 140-2 certified centrally managed encryption solution that would prevent reportable breaches of PHI and regulated data.
Union Bank’s Implementation of Good for Enterprise
Executive Sponsor: Dana Edwards, Executive Vice President, Chief Technology Officer, Information Technology, Union Bank
Project Team: Mary George, Dana Edwards
Location: San Francisco
As the number of Union Bank employees using iOS, Android and other devices increased, so did the challenge to provide secure access to email and business applications on non-RIM devices. After searching for a solution that supported the devices that Union Bank employees were demanding, Union Bank’s IT department selected Good for Enterprise and deployed it to over 3,800 employees. To increase mobile collaboration, the bank decided to use Good Dynamics; when used with Good for Enterprise, Good Dynamics allowed users to access, edit and distribute email attachments and files securely, creating an end-to-end mobile workflow.
Web Application Security Automation
Executive Sponsor: Joe Bennett, Chief Information Security Officer, YP
Team Members: Joe Bennett, Steven Singer and James Zimmerman
Location: Glendale, CA
Given eCollege’s always on SaaS platform and the critical importance of securing customer data, eCollege invested in building out a programmatic and comprehensive approach to application layer. eCollege has taken a defense in depth approach to the application layer focusing on Web Application Firewall, dynamic scanning technologies, vulnerability assessments and manual penetration testing. Additionally, eCollege is integrating and automating application security early into the Software Development Lifecycle to find and remediate security vulnerabilities early in the development process. Combined with security awareness and secure coding sessions this program has improved the security posture of the organization.