Ostendio was formed to solve one of the key challenges Ostendio’s CEO, Grant Elliott, encountered in his previous role as the COO and CISO of a successful healthcare IT company. It was difficult to persuade large healthcare corporations to take a chance on working with a relatively small, innovative technology company, never mind convince them that they could be trusted to reliably protect their sensitive data.
To find out more we sat down with Grant Elliott, CEO of Ostendio:
Q: Grant, what is the best way to prevent a data breach?
A: The best way to prevent a data breach is by implementing security in layers. Today, virtually all businesses are collecting data about their customers and employees. With the number of data breaches on the rise, businesses of all sizes need to take steps to protect their data, and the best way to do this is layered security.
What I mean by layered security is combining multiple security strategies. For example, although the majority of data breaches can be traced back to human error, including clicking on a phishing link, or downloading a malicious file, most solutions continue to be technical in nature. You need to combine technical security with human readiness by implementing frequent security awareness training for employees.
Other ways to prevent a data breach includes encrypting all data – both when the data is ‘in motion’ and ‘at rest’, creating a process for keeping security patches updated, and keeping only the data you need. Data is what makes a business attractive to cybercriminals – not its size.
Q: What makes your solution the best choice?
A: Most security solutions focus on technical security and address specific problems in a fragmented manner. Ostendio’s MyVCM is a true workflow management solution that automates cybersecurity and information management processes across the entire workforce. The platform uses transactional data to provide a more comprehensive picture of the organizations risk. MyVCM’s robust reporting is in stark contrast with traditional, self reporting tools used today by security team.
MyVCM provides both a simple pathway to improving a company’s security posture as well as collecting the actionable data necessary to calculate and mitigate risk. MyVCM is also flexible and scalable, and can grow with your organization, making it very cost-effective.
Q: Who are the primary clients of Ostendio?
A: The primary clients of Ostendio are companies who work in regulated industries such as healthcare, legal or finance. Our clients all handle some type of sensitive data, whether it’s electronic Protected Health Information (ePHI) or employees’ social security numbers, and they want to ensure that their data is being protected from cyber threats. MyVCM allows companies to more easily manage and demonstrate that they are operating an effective cybersecurity program against a set of security and privacy regulations to internal and external stakeholders.
The platform supports numerus security workflows including document management, training, vendor risk management, incident management, asset inventory, audits with transparent dashboards and robust reporting. Ostendio’s MyVCM is suitable for small businesses, who want to begin building an information security program, to enterprise customers who want to move away from manual spreadsheets and automate their processes.
Q: What is the story behind Ostendio, could you provide our readers more insights?
A: The name ‘Ostendio’ comes from the Latin ‘Ostendi’ which means to demonstrate or to show, which is what our platform does. It demonstrates how to be compliant with different rules and regulations, and shows how to build a robust security program.
Ostendio’s MyVCM was created to help any company of any size more easily develop an effective security and compliance program, and more specifically, give them a simpler way to demonstrate this to their customers.