Blog home

When it Comes to Security, Are You Part of the Solution?

June 18, 2014, Randolph Barr - At Saba, security is woven into everything we do
When it Comes to Security, Are You Part of the Solution?

At Saba, security is woven into everything we do

When it comes to cyber security, I’m fond of that old saying “if you’re not part of the solution you are part of the problem.”

For starters, the catch-phrase does a nice job of conveying the ever-present need to be proactive and vigilant against the constantly evolving threats to Internet and Cloud security.  Yet even more so, being part of the solution takes on a deeper meaning for those of us who are actually in the business of creating solutions.

In Saba’s case, of course, that business is creating scalable cloud-based talent management solutions for enterprises both large and small. And a key differentiator for us is our unwavering commitment to ensuring that security is deeply and seamlessly embedded in our solutions.  That means security is a priority from the moment an idea is hatched, in every phase of development, and then through implementation and ongoing support for our customers. To approach security any other way would be, well, to be part of the problem. 

Security – every step of the way

The reality is that today’s challenges are simply too complex and risky to try to shoe-horn security in at the end stage of product development. To create the best, most secure solution to meet the needs of today evolving workforce requires that security be an ever-present component woven into every step of the process.

In my view, Saba has done several things right to avoid that “shoe-horn” approach. From a cultural perspective, security is engrained into our corporate DNA. All Saba employees – regardless of role or title – understand how critical security is to our success, and the success and trust of our customers. We constantly communicate the importance of security, providing training and regular updates on new threats.

Also, our culture is built on openness and candor that creates an atmosphere in which people are encouraged to voice opinions or share concerns. I believe that environment creates an added layer of protection as people are comfortable raising issues that might have potential security implications.

We also created a Security Council that provides a consensus-based forum to focus on high priority issues. Importantly, this council includes many participants outside of our security, legal and IT teams. There are representatives from engineering, HR, product development, marketing and more. The diversity of this group allows for a full range of perspectives and valuable insights that help us better anticipate challenges and devise solutions that are in the best interest of our customers. 

The Security Council also helps keep our security and legal teams from tunnel-vision thinking. Instead of focusing on why something might not work, the mindset shifts to how can we meet and exceed customer expectations without sacrificing security in the process. It is a can-do attitude and approach that I think sets Saba apart and allows us to make the right business decisions at the right time, for the right reasons.

A multi-layered line of defense

Of course, this security-first mindset is backed by our robust formal security program that exceeds industry standards and features multiple layers of controls, policies and technologies aimed at thwarting the full spectrum of cyber threats. We adhere to privacy requirements that provide controls that address secure handling, retention/deletion and transference of personal information in accordance with our customers’ privacy requirements.  

From a network perspective, we rely on layered firewalls, advanced network design and network segregation as a multi-faceted line of defense against a myriad of threats. We are also disciplined in vetting and monitoring third-party vendors and data centers that we do business with to ensure they have advanced security systems and necessary certifications and policies to help assure the integrity of customer data.

Also, we take the additional step of having a third-party perform a “black-box” security assessment of our main domain and associated hosts. These assessments simulate the actions of cyber thieves, testing our systems in ways that allow for continual improvements.

Part of the solution

With security breaches making headlines every day, we understand our customer’s security concerns. That’s why security will always be engrained in our culture and foremost in our minds as we create, enhance and deliver solutions.

The end result is solutions with cutting-edge capabilities such as Social, Mobile and collaboration that effectively – but safely – help build employee engagement and drive better business results. At Saba, that’s what it means to be part of the solution.

Find more articles under Learning