Clariness restructures IT security compliance processes and establishes DevSecOps discipline
Now we have a process, which didn’t exist before, to show us how to take action on security alerts. Lacework has helped us shift our security left. Before, we were a DevOps company, and now we are a DevSecOps company.
GOPI KRISHNAMURTHY, VICE PRESIDENT OF PRODUCT AND ENGINEERING, CLARINESS
Clariness was founded in 2005 with the mission of improving patients’ lives. They accelerate patient recruitment for clinical trials, bringing new medicines and treatments to patients faster. With data-driven, indication-based marketing and a double pre-screener, Clariness reduces the workload and frustration for sponsors, sites, and patients alike.
Challenges
- Distribute security responsibilities across multiple teams
- Achieve an external ISO 27001 certification
- Receive more actionable insights from alerts
Solutions
- Worked with Lacework Professional Services to implement security across the organization
- Established future goals after conducting cloud security assessment
- Created compliance solutions to help with audits
Results
- Adopted best practices for compliance audits, including CIS Benchmarks and ISO 27001
- Consolidated several tools and rewrote standard operating procedures
- Embedded security into their process to establish a strong DevSecOps discipline