case

SafeHarbour drives information security audits with a cloud platform

Case

About SafeHarbour

SafeHarbour (since spring 2021 part of Inergy) helps their clients storing and processing data in a secure way, both on- and offline. SafeHarbour does not only offer proven solutions for securing data, but is also a pro-active partner on the work floor. Should you require assistance concerning safe data processing, SafeHarbour offers their support. Their expert consultants help organizations to get a grip on their data. Furthermore, SafeHarbour offers e-learning modules for companies, in order to raise awareness concerning data security. Most e-mail leaks are caused by human errors. Being aware of the consequences certain actions can lead to, may prevent such issues. In addition, SafeHarbour has authorized people to perform several audits, such as the DigiD Audit, ENSIA Audit, ISO 9001:2015 and the VIPP-audit. SafeHarbour conducts research on the norms that are applicable, and helps to identify the organization’s strengths and weaknesses. This approach avoids complications and enables goals to be met.

Challenges:

Most of the SafeHarbour clients operate in the public domain, such as governmental agencies, city councils, and healthcare facilities. For such organizations, managing data is not their top priority. However, in light of the recent developments (e.g. the new privacy laws such as AVG/GDPR which are effective since May 2018), reliable data management is getting more and more important. Currently, SafeHarbour’s permanent team consists of seven dedicated members. In order to develop innovative solutions, they cooperate with partners as well. Vanenburg is proud to be one of them.

Policies and their norms are tricky factors for every organization. Although data security isn’t the core business of SafeHarbour’s clients, they usually have to adhere to tons of norms. Moreover, an enormous amount of users should work in compliance to those norms. Keeping track of – and adhering to those norms is more important than ever, especially when sensitive data is involved. When there are many norms applicable it becomes difficult to get a hold of them. This complicates the preparation for an audit. Most applications have been built with the norms in mind, which doesn’t make it easier for the user to keep track of them.

Currently, most of SafeHarbour’s clients work with the same system. This system is great for collaborating on articles, but it is not suitable for monitoring norms on an individual level. So procedures and risk analyses are all well documented on in this system, but actually logging separate risks is not possible. Also, this system is not guiding the company enough in the process of performing activities to become compliant with the norms.

Solution:

SafeHarbour has entrusted Vanenburg with developing a reliable SaaS application, called “IC Control”, which supports businesses to be in control on the risks on information security and compliance with the norms. It gives real-time insight in what the company’s status is regarding the norms that it has to be compliant with, and what actions on which internal processes have to be performed to become or stay compliant. It can be used as a preparation for audits and to get a real-time grip on the compliance and risks. This application can be used standalone in an organization or can be integrated with existing systems. IC Control is developed by Vanenburg  in close collaboration with SafeHarbour as a multi-tenant SaaS application and presented as THE Governance Risk & Compliance-tool for governmental and healthcare organization in the Netherlands.

Used technologies:

  • The WaveMaker RAD platform is used to develop IC Control
  • The hosting is done by a ISO27001 certified hosting party in the Netherlands

 

The solution is tasked to solve the following challenges for end-customers:

  • To have a clear overview of data security and (privacy) policies within an organization
  • To monitor the progress of becoming compliant with each separate norm, and log the risks for each norm
  • To integrate this monitoring process with the content in other systems
  • To be able to check whether the organization adheres to different frameworks of norms

Key benefits of the solution:

  • Providing insight in to which extent an organization complies with a certain framework of norms
  • Offering possibilities to keep track of the progress of becoming compliant with each norm
  • Giving a clear overview of which measures needs to be taken in the organization to become compliant with the norm
  • Preparing for audits becomes uncomplicated and straightforward

Interested?

Are you wondering how we can modernize your enterprise IT and build your intelligent enterprise application? Contact us today!

 

Other Cases

Do you have any questions or do you need professional advice? We’re happy to help you!

Contact form

Subscribe to our newsletter to stay up-to-date on what’s new at Vanenburg