Gremlin’s commitment to security and privacy transparency
Gremlin, a leading reliability management platform, assists a diverse clientele—from major financial establishments to emerging SaaS businesses—in enhancing system resilience through safe experimentation.
Skyler Sampson, Lead Security Architect, emphasizes, “At Gremlin security has been at the core of our ethos from the beginning. Skyler’s vision was clear: Gremlin needed a tool not just to tick boxes, but to articulate the depth of their security and privacy commitments to their customers.
Finding the right tool to earn customer confidence, faster
For Skyler and the Gremlin team, simply showing customers what they do from a security and privacy standpoint wasn’t enough. They wanted to show customers why they do what they do without relying solely on security questionnaires.
“In my previous roles, I used a tool that gave us a public presence behind NDA workflows and included standardized questionnaires like CAIQ and SIG. I saw that customers responded better when we had a public security presence. This tool was good enough for the time, but as we went on, we found that these standardized questionnaires became less relevant and that what we were getting were elaborate, customized questionnaires.”
While earlier tools provided static solutions for standardized questionnaires, they fell short in handling the increasingly complex, custom questionnaires Gremlin faced. Finally, Skyler found TrustCloud.
“TrustCloud had this ethos of a customer-first approach which was different than what we had seen before. Rather than ‘showing what we’re doing’ TrustCloud helped us show what the customer wanted. Instead of it being very static it gave us a dynamic page that shows why we do things, not just what we do, and that we are doing them continuously. It’s the same ethos of how we do resilience testing, continuously.”
Using TrustCloud to take a customer-first approach to demonstrate their security and privacy posture
TrustCloud empowers Gremlin with a tailored approach to confidently demonstrate their security posture. The platform’s transparent interface lets clients easily and securely access Gremlin’s SOC 2 report and policy documentation.
Skyler observes, “Smaller clients often look at our trust portal and we don’t hear from them again. When larger enterprises see the way we think about security it makes the discussions much easier; we’ve seen things smooth out by having a public presence of security available.”
By pairing their dynamic trust portal with TrustCloud’s questionnaire automation, The Gremlin team has also seen a 91% decrease in the time it takes them to complete security questionnaires.
“Before TrustShare, a 400-question questionnaire would take me 14 to 18 hours. Initially, TrustShare took our average down to seven hours. Now, we’re averaging an hour and a half for similarly sized questionnaires.”
Even Gremlin’s sales team acknowledges the platform’s value. “Our sales team loves TrustShare, they love to show it when they’re at customer sights because it shows that we think about security and it’s something that we do above our competitors and demonstrate very clearly in a way that isn’t overbearing in the amount of detail. We’re able to provide concise and clear information,” says Skyler.
Reclaiming time to focus on what matters
TrustShare by TrustCloud has not only expedited Gremlin’s security reviews but also brought a transformative change to Skyler’s work-life balance.
“Now we can facilitate emergency requests if needed. If our sales team needs a questionnaire by the next day I can do it now. TrustCloud has been key to our ability to facilitate these emergencies. In the past, I would stay up until 2 or 3 in the morning getting it done. I don’t do that anymore. I spend days with my kids and get to hang out with them and I get to go to bed at a decent hour. It has made my personal life phenomenally different.”
What Trust Assurance Means to Gremlin:
“Trust Assurance isn’t just: are we doing the right thing? It’s: are we telling you that we’re doing the right thing? Not only are we doing the right thing, but we’re going in and re-validating that we’re doing the right thing. This is paramount to having our customers trust us long term.”
Advice from Skyler Sampson
“If you’re looking for a tool find what fits your needs. Find where your pain points are and look for tooling that helps you solve those pains, not just track those pains. In compliance a lot of tools just track what you’re doing, you need something that will help you know if you’re solving these issues rather than just checking a box.”