How Bynder saves 375 hours annually by automating security workflows with Vanta

THE COMPANY

A digital asset management provider at the forefront of AI

Bynder is a cloud native, digital asset management (DAM) company that serves over 4,000 brands, including companies like Spotify, Mazda, and Vodafone. Bynder’s AI-powered platform is the system of record for all brand, campaign, and product-related digital assets. Its powerful capabilities, intuitive UI, advanced AI, and wide range of integrations help global teams create, find, manage and deliver content supporting their digital and omnichannel strategies to drive meaningful ROI.

Because Bynder supports businesses across industries and geographies, security is Bynder’s highest priority. Bynder operates in a complex regulatory environment, and the stakes couldn’t be higher. That’s why Bynder is fully committed to implementing, managing, and demonstrating compliance with all relevant security controls. Bynder’s approach combines robust security frameworks, continuous risk assessments, proactive monitoring, and regular employee training to ensure the protection of customers’ data and maintain their trust.

However, Marciano Kruithof, Bynder’s VP of InfoSec, envisions security as more than a tedious checklist—security and compliance are business enablers. As Bynder continues to leverage AI both in its product and across the business to improve operations, Marciano sees an opportunity for the technology to uplevel security and compliance and turn Bynder’s security posture into a strategic differentiator in the market. 

‍

THE CHALLENGE

Outgrowing manual security processes and clunky spreadsheets

As a global Saas provider investing heavily in AI, Bynder must adhere to a wide range of regulations and standards. To solidify its security posture and meet regulatory demands, the company’s internal security controls must be robust, thoroughly monitored, and verifiable.

In the past, controls for compliance frameworks, like ISO 27001, ISO 27018, and ISO 23001, were monitored manually. “It was so time-consuming,” Marciano says. “We spent over 500 hours per year managing our security program.” It was evident that Bynder’s compliance needs had outgrown the massive spreadsheets the security team had been using at the time. 

Eventually, Bynder moved control monitoring from Excel to Jira. But by 2022, the team had over 425 tickets related to security control monitoring and testing. While Jira made organizing controls and test results easier, it did little to reduce the security team’s manual work.

‍

THE SOLUTION

Utilizing automation and AI to drastically reduce the security team’s workload

Marciano needed a robust solution to help the security team work more efficiently and scale their processes alongside the business. Because he prioritized automation capabilities and increased visibility, Vanta’s platform and support stood out from the competition.

{{quote-2}}

Bynder uses Vanta to automate security control monitoring and evidence collection. The platform maps controls to relevant frameworks, automatically highlighting any security gaps or non-compliance issues, unlocking complete visibility across Bynder’s ecosystem.

Vanta has also helped Bynder streamline vendor procurement and vendor risk management. “Managing vendors from a security perspective used to be a lengthy process,” Marciano recalls. “We were sending out questionnaires, gathering artifacts, going back and forth, but now, all of this is automated.” Additionally, Bynder uses Vanta AI to answer questions about the security artifacts the system generates, saving the team even more time.

The plug-and-play nature of Vanta’s 375+ integrations, like AWS and Jira, and the platform’s high configurability allow Bynder to customize the tool to fit its unique needs and workflows. Vanta also centralizes and continuously monitors Bynder’s tools and platforms, providing the team with ongoing support to keep the company compliant and secure. 

‍

THE IMPACT

Transforming security into a business enabler

By partnering with Vanta, Marciano estimates that his security team has saved around 375 hours of work annually. Vanta has also helped automate 90 percent of all Jira tickets. He adds, “With all the time saved, my team can focus on further scaling our security programs and onboarding new compliance frameworks, so that Bynder continues to support the business and needs of its clients.”

The strategic focus and additional functionality of Vanta’s platform enable Marciano and his security team to focus on providing value to the business. For example, in the past, security questionnaires often slowed down the vendor procurement process. With VRM, the security team can quickly vet vendors while helping other teams gain access to the security resources they need.

The Trust Center also has a huge impact on Bynder’s operations. It allows internal and external teams to directly access pentesting results, security assessments, certifications, and other compliance documentation. Sales reps can immediately access the reports prospective clients want to see, showcasing Bynder’s comprehensive security posture. Companies doing their own DAM vendor research also appreciate Bynder’s transparency and readily available security documentation.

To support Bynder’s ongoing investments in AI functionality, Marciano’s security team is targeting ISO 42001, a standard for building trustworthy AI systems, next. And with Vanta’s guidance and support, that certification is in reach, setting the company up for success now and in the future. 

{{quote-3}}