The Technology Sector with Keylight® that handle customer data have standards and even customer and audit requirements, records ® ® The Lockpath Keylight Platform the responsibility of protecting vendor contracts. management protocols, and it, and are often times subject security controls must be aligned, enables technology firms to efficiently manage to the same regulations as The platform can map an frequently reviewed and visible their customers. For example, a organization’s compliance across the organization. And the organizational and information security risks, technology firm offering products documents to internal controls, larger a firm grows, the more and services to clients in the regulatory requirements and audits it becomes accountable for. conduct and respond to audits, healthcare field must now adhere citations. The platform can be and demonstrate regulatory compliance. to HIPAA regulations regarding IT configured to manage risk based Traditionally within technology security. Also, many technology on policy specific workflows that companies, the audit team is providers choose to implement incorporate IT data, risk data, small and resources are limited. data security standards and best incident data and other correlated The team needs a solution that The technology sector finds Manage risk controls and business practices like ISO 27001 . data, and workflows that start is efficient and flexible to quickly itself at the epicenter of cyber How do you increase the visibility continuity plans, which and effectively respond to their security and IT risk management. of the risks your company faces increases visibility into the exponentially growing workload. Customers of technology firms when data is siloed? How do potential impact on the expect them to know and employ you communicate the complex organization. The Keylight Platform helps the most advanced security and technical nature of certain • Assess internal and external technology companies who must solutions, while increasing risks to executives and board risks. “Unlike most platform providers, frequently respond to customer government regulation and members and equate them to and third-party audits to: industry standards place a greater business strategy and return on The platform also helps compliance burden on the sector. investment? businesses create custom Lockpath’s goal is to implement • Create a question bank to continuity plans, manage answer client audits and A lack of manpower, time and The Keylight Platform provides associated risks and minimize assessments. financial resources hinders the a holistic picture of your the impact of potential losses. Its the Keylight Platform • Track previous responses typical tech firm from efficiently organization’s risk posture, making business continuity management over time for answer tackling proactive compliance it more visible throughout the planning (BCMP) capabilities consistency and accuracy. and security. Point solutions and organization. include: within 30 days to yield a timely • Take advantage of scanners are often brought in as standardized questionnaire temporary fixes to shore up certain Technology companies use • Support for major BCMP templates, including the SIG areas of their infrastructure or the platform to centralize risk frameworks such as ISO return on investment.” and SIG Lite from Shared compliance program, but this lacks data, enabling them to break 22301, FFIEC BCM, and BS- Assessments. the visibility of their risk posture down data silos. This increases 25999-1. as a whole. Many companies will the visibility of information, • The ability for organizations Technology firms must also choose to do nothing, relying on leading to better communication to test their BCM plans via audit their vendors and third out-of-date processes or only and collaboration between tabletop exercises to ensure The Keylight Platform supports the policy management review parties, which requires integration addressing some issues, leaving departments. they are accurate and centralized repositories for process. of information from multiple themselves completely vulnerable. comprehensive. compliance documents, asset sources. The Keylight Platform The platform is used to: • The ability to link BCM plans lists and other data for quick Conduct and respond to audits enables technology firms to Lockpath’s Keylight Platform to policies and controls to access. It supports multiple As vendors to a variety of efficiently assess their vendors, enables technology firms to • Identify gaps in policies, prove compliance. risk and security frameworks, clients -- many themselves suppliers and third parties for efficiently and effectively align compliance and risk including ISO 27001, PCI DSS, heavily regulated -- tech firms risk and compliance. Users can compliance, IT security and management that require Manage policies and compliance NIST, FEDRAMP, and many are increasingly scrutinized manage the full vendor lifecycle risk management practices in attention. The growing use of technology others. The platform’s compliance for the security of their IT from vendor due diligence and the platform with their existing • Link risks, vulnerabilities in today’s business environment mapping capabilities incorporate infrastructure, data management contract negotiation, to review business operations and manage and incidents to policies, has brought data security to the authoritative documents such and email policies. A firm’s and, if needed, termination using it all with a minimal staff. procedures, framework foreground. Technology firms as state regulations, IT industry policy management, client the Keylight Platform.

© 2019 Lockpath, Inc. All rights reserved. The platform streamlines the vendor web application, configuration risk, audit, and compliance assessment process by offering: scanners, SIEMs and others. programs in a code-free • Conduct Business Impact manner • A vendor library to centralize Analyses (BIAs) to see the • Is flexible enough to adapt all third-party data, including impact of disruptive events to your processes, rather processes, contacts, on the organization and to than forcing you to adopt an contracts, historical risk prioritize business continuity unfamiliar paradigm. assessments, and other procedures. metrics. Keylight was created by industry • A vendor portal so third Keep stakeholders informed experts who recognized the parties can complete risk The platform’s real-time reporting need for easy-to-use software assessments outside of your capabilities support data-driven that was flexible and scalable environment. decision making. Its click-and- to serve ever-changing and • The ability to automatically configure tools enable users expanding organizational goals generate findings and help to efficiently create real-time and objectives. identify risks and easily route snapshots without the need for risks through workflow for additional programming code. Unlike most GRC providers, remediation. Lockpath’s goal is to implement The Keylight Platform streamlines the Keylight Platform within 30 Prioritize risk and compliance the ability to measure Key days to yield a timely return on The Keylight Platform has the Performance Indicators and Key investment. unmatched capability of storing, Risk Indicators, enabling users centralizing, and integrating large to set program benchmarks Keylight is easily configurable, amounts of data, making it a and identify trends before risks so it can adapt to changes in a valuable tool for organizations to become incidents. The platform’s firm’s operational, regulatory, prioritize their risk management permission-based dashboards or security needs. In fact, while and compliance efforts. The provide stakeholders only the data most platforms require additional platform enables users to: they need. programming and code-writing to reflect changes in a business • Streamline business The most efficient, intuitive GRC environment, Keylight’s point-and- processes via standardized platform on the market click, drag-and-drop approach to workflows and identify Compliance, risk management and configuring a solution removes redundancies, which helps to security needs that exist today may programmers from the staffing create efficiencies. broaden tomorrow, and concerns equation, often resulting in faster • Identify and prioritize you don’t have today will manifest results at a lower cost. organizational risks based when you least expect them. In on business impact by the complex world of technology If you’re frustrated by the slow automatically scoring risk development, you can’t settle for implementation of your current assessments based on an just any solution. You need one that: platform, still trying to retrofit your acceptable risk criticality existing technology to meet new threshold and then • Won’t take months to standards, or just throwing in the routing action items to the implement and configure towel and hoping spreadsheets appropriate party. • Can scale as your company and other antiquated tools can do • Integrate disparate data grows and expands the job, contact Lockpath at sources such as vulnerability, • Can evolve alongside your [email protected].

Lockpath®, the Lockpath icon™, Dynamic Content Framework™, Keylight®, and Blacklight® are property and trademarks of Lockpath, Inc. and registered in the United States. The trademarks and names of other companies and products mentioned herein are the property of their respective owners. © 2019 Lockpath, Inc. All rights reserved. 18032309