Speedoc is a Singapore-based virtual clinic and healthcare solutions platform that enables users to access medical care and services from the comfort of their own homes. It combines physical and digital services and offers an alternative solution to meet the increasing demand for medical care, particularly among the aging population.

Thanks to Cyber Sierra, we now have a more comprehensive overview of our tech infrastructure and processes, allowing us to secure our users’ information better. The fact that we were able to achieve all this on a single platform is truly remarkable.

James Yeo
DPO, Speedoc
quote_by

Challenge

As responsible custodians of users’ personal information, Speedoc aimed to safeguard users' privacy and implement the ISO 27001 standard for Information Security Management Systems.

In the journey to develop adherence to ISO 27001 controls, the infosec team encountered several challenges, including the need to juggle multiple requirements, streamline documentation, and effectively engage employees in embracing and being aware of security measures. Moreover, Speedoc had invested resources in multiple standalone cybersecurity solutions that provided some of the desired outcomes. So, they sought an interoperable cybersecurity solution that could assist in ISO 27001 compliance, provide staff training and awareness, as well as offer support for procuring cyber insurance, all while growing employee productivity.

Solution

Speedoc chose Cyber Sierra for its interoperable and user-friendly one-pane view, giving detailed intelligence on its cyber posture. Using the platform, Speedoc could get started on its ISO 27001 compliance certification immediately, without having to allocate internal resources to decipher the compliance framework, thanks to prompt help from Cyber Sierra’s security experts.

With the help of Cyber Sierra’s platform, Speedoc could draft policies, and Statement of Applicability, map security controls and consolidate evidence collection.

"The entire experience with Cyber Sierra was efficient and smooth. Their platform enabled us to manage multiple compliance audits, such as ISO 27001 and CSA Cyber Essential Mark smoothly, providing real-time visibility into our security status and helping us proactively address vulnerabilities and improve incident response time", said James Yeo, Information Security Executive and Deputy Data Protection Officer (DPO) at Speedoc.

By leveraging Cyber Sierra's scalable security solution, Speedoc enhanced its operational efficiencies by eliminating conflicting policies, consolidating its toolkit and putting in place measures for heightened compliance as well as security. As a result, Speedoc could build on its technical infrastructure and processes to strengthen its security posture.

Outcome

Thanks to Cyber Sierra, Speedoc's infosec team could save time and work more efficiently by accessing all compliance documentation in one place, including suggested control baselines, continuous control monitoring, and a shareable security report for effective communication with third parties.

Speedoc could also successfully embark on a staff security training program using Cyber Sierra by adopting an organized and automated approach to employee security training. Continuous control monitoring using Cyber Sierra’s automation platform also helped Speedoc identify endpoints across its organization’s network with potential threats faster.

"Thanks to Cyber Sierra, we now have a more comprehensive overview of our tech infrastructure and processes, allowing us to secure our users' information better. The fact that we were able to achieve all this on a single platform is truly remarkable", added James.

Importantly, Speedoc could save significant money by reducing the costs associated with audit preparation and maintaining certification and by streamlining some point cybersecurity solutions - all of which were available on Cyber Sierra’s unified platform at no additional cost. 

All these gave Speedoc a competitive advantage and helped accelerate its growth by assuaging concerns regarding security and compliance.

Continuous Control Monitoring
Organized & automated security training 
Single pan access 
Expert counsel on compliance
Access to cyber insurance