DATAMARK

Build Customer Trust Through Security Excellence

Datamark is a leading provider of business process outsourcing (BPO), contact center services, and digital document management services to start-ups and Fortune 500 organizations. Due to the nature of these services, the company is frequently entrusted with highly sensitive data from customers across risk-conscious industries such as healthcare, finance, insurance, and transportation. As a result, continually demonstrating strong security practices to both prospective and existing customers is essential to the company’s long-term success.

Download Case Study
datamark logo

Proof Points

100’s of hours saved

Bitsight easily saves Datamark between 500–1000 hours annually

10% premium decrease

Datamark can roughly attribute a 10 percent premium decrease as a direct result of Bitsight.

Fewer Vulnerabilities

Minimal issues on external vulnerability scans and penetration tests over the last two years, since Bitsight helps Datamark identify and remediate most vulnerabilities proactively.

Salvador Padilla
Director Of Information Security, Compliance & Project Management Office

Bitsight does a great job of classifying vulnerabilities based on severity and giving us remediation action plans that help us hit the most important items at a specific point in time.”

Making security a competitive differentiator

Outsourcing a critical business function to a third party requires a great deal of trust. For this reason, security is often a leading topic in Datamark’s sales conversations and request for proposal (RFP) responses. Bitsight helps the Datamark team have data-driven discussions about risk with prospective customers, distinguishing the company from its competitors.

“Many of the companies we speak with are already using tools like Bitsight to evaluate potential vendors, so the fact that we’re using the same approach to prioritize our security efforts — and already have a high Bitsight rating — is a big advantage,” said Salvador Padilla, Datamark’s Director of Information Security, Compliance & Project Management Office. This has proven to be such a competitive differentiator that the company proactively introduces the topic of security early in the sales process. “If they’re not already aware of Bitsight, we educate them about it, and they’re usually impressed to see that our rating is even higher than their own,” said Padilla.

Finding and remediating vulnerabilities systematically

Bitsight also plays a pivotal role in Datamark’s efforts to stay ahead of security vulnerabilities. The security team regularly performs vulnerability scans of its entire network and endpoint footprint, but in a world of finite security and IT resources, the prioritization insights that Bitsight provides are invaluable. “Bitsight does a great job of classifying vulnerabilities based on severity and giving us remediation action plans that help us hit the most important items at a specific point in time,” Padilla said.

In addition to ensuring that critical vulnerabilities are addressed quickly, the Bitsight-guided approach is also making a longer-term impact on Datamark’s overall risk posture. “When we’ve performed external vulnerability scans and penetration tests over the last two years, the results have been minimal since Bitsight helped us find and remediate so many vulnerabilities ahead of time,” Padilla noted.

Salvador Padilla
Director Of Information Security, Compliance & Project Management Office

Since we service Fortune 500 companies, it’s important for us to demonstrate that we’re adhering to their security standards, our own security standards, and the expected practices for their industry.”

Eliminating legacy infrastructure complexity

Many successful security breaches exploit legacy systems and configurations that organizations no longer need but have lost visibility into. This is another area where Bitsight has empowered the Datamark team to bring a more proactive approach to their security efforts. “As there is turnover in technology and security teams, it’s easy for many small things to go unchecked,” Padilla said. “We’ve done a lot of work over the last year in areas like reviewing certificates, cleaning out unnecessary DNS records, and adding web headers in places where they were missing.”

While many of these improvements may seem minor when viewed individually, they collectively add up to a significant improvement in Datamark’s overall security hygiene.

Reducing insurance and resource costs

In addition to reducing organizational risk, Datamark’s strategic use of Bitsight has also helped the company drive costs down in several key areas. One notable example is cybersecurity insurance premiums, where Datamark used its favorable Bitsight rating to support its negotiation. “We can roughly attribute a 10 percent premium decrease as a direct result of Bitsight,” Padilla said.

Additionally, approaching activities like vulnerability management, compliance audits, and customer risk assessments more systematically has also kept the team out of reactive mode and improved overall operational efficiency. “Bitsight easily saves us between 500 –1000 hours annually,” Padilla noted.

Strengthening companywide security awareness

The Bitsight Security Rating serves as an easy-to-understand reminder of the role that everyone across Datamark plays in keeping the company and its customers safe from cybersecurity threats. It’s used consistently at executive briefings, ongoing metrics and reporting, and companywide updates. “Bitsight has really helped us raise cybersecurity awareness across Datamark,” Padilla said. “It’s an easy way to see that we’re top-tier when it comes to security, and everyone, from the president to individual employees, takes an interest in the latest ratings updates.”