When the COVID-19 pandemic hit, Appian’s security perimeter model had to fundamentally change to ensure resilience and security in the new era of 100% remote work.
“To support this, we did something big: We built our own . . . security, orchestration, automation and response to automate security incident investigations,” said Omesh Agam, chief information security officer. “With a lean staff working remotely, it was essential that we find ways to move faster. This application streamlines our investigations by pulling all the context and data we need into one place.”
Appian bolstered its stance by focusing on tools and process automation. The team added endpoint tools on laptops, additional checks through the system, and out to third party sites and services.
“When COVID started, it disrupted how people collaborate and how they get information at work,” Agam said. “By investing in increased automation, we countered the disconnections that could have slowed us down.”
The company also added two new security frameworks to its Trust Program: ISO 27017 and ISO 27018. These two new certifications are internationally recognized standards that provide additional controls for cloud-specific security risks.
“They are essential for our global enterprise clients,” Agam said.
In addition, Appian achieved Federal Risk and Authorization Management Program certification for its Robotic Process Automation offering.
“This is significant because government and defense organizations can now adopt cloud RPA directly from Appian that meets rigorous standards for security, compliance and scalability,” Agam said.
Why Watch
In 2021, Agam is working to scale up his information security team to support Appian’s growth. Externally, he is focused on customers’ requirements and ensuring Appian’s global security program continues to meet the requirements of the world’s largest companies and most demanding environments.