Clariness restructures IT security compliance processes and establishes DevSecOps discipline

Now we have a process, which didn’t exist before, to show us how to take action on security alerts. Lacework has helped us shift our security left. Before, we were a DevOps company, and now we are a DevSecOps company.

GOPI KRISHNAMURTHY, VICE PRESIDENT OF PRODUCT AND ENGINEERING, CLARINESS

Clariness was founded in 2005 with the mission of improving patients’ lives. They accelerate patient recruitment for clinical trials, bringing new medicines and treatments to patients faster. With data-driven, indication-based marketing and a double pre-screener, Clariness reduces the workload and frustration for sponsors, sites, and patients alike.

Challenges

  • Distribute security responsibilities across multiple teams
  • Achieve an external ISO 27001 certification
  • Receive more actionable insights from alerts

Solutions

  • Worked with Lacework Professional Services to implement security across the organization
  • Established future goals after conducting cloud security assessment
  • Created compliance solutions to help with audits

Results

  • Adopted best practices for compliance audits, including CIS Benchmarks and ISO 27001
  • Consolidated several tools and rewrote standard operating procedures
  • Embedded security into their process to establish a strong DevSecOps discipline