Spaceship starts their third-party risk program using UpGuard

Easy implementation, and a scalable vendor onboarding process helps this financial services company start their third-party risk program

scroll down
Spaceship screen shot
Spaceship logo dark

Spaceship helps their customers invest where the world is going. UpGuard gave them visibility into their external security posture, and streamline vendor management.

50

Vendors and partners monitored daily

20

Hours saved per new vendor onboarding

420

Vendor risks automatically discovered, and prioritized for remediation

Spaceship logo dark

Headquarters

Sydney, Australia

Industry

Financial services

Founded

2016

Overview

Spaceship is a financial services company, on a mission to help young people save and invest for their future.

Challenge

Help Spaceship get their third-party risk program started, without bogging them down in complexity, cost and jargon.

Solution

UpGuard VendorRisk for Vendor Risk Management and Security Ratings

A new approach to help young people save for the future

Spaceship is on a mission to help young Australian people build wealth. Their first product, a Superannuation (retirement savings) fund, leverages modern technology to give customers control over their finances. Whereas people once tended to settle into one career for life, it is now common to switch jobs many times, resulting in multiple Superannuation accounts to manage. Spaceship solves the problem of saving money in a world where life changes quickly.

The challenge

Spaceship depends on third parties for both technology and financial services, all of which must be secure and reliable to deliver a quality financial future. As a startup, they must allocate resources wisely, constraining what can be dedicated to vendor assessment in terms of time and money. Furthermore, as a company that prides itself on investing in the future, Spaceship needs a solution that reflects the forward thinking that drives their own success.

The solution

To gain visibility into the risks of their digital surfaces and those of their vendors and partners, Spaceship turned to UpGuard VendorRisk for continuous risk monitoring, security ratings, and automated assessments. The risk monitoring capabilities assured them that their own internet-facing properties were securely configured, and gave them the technical information to guide their vendors toward best practices. Security ratings enabled the team to prioritize the third parties most in need of a closer look, and the questionnaire assessments closed the loop with detailed responses on internal controls needed to safely do business.

quote start

UpGuard’s Cyber Security Ratings help us understand which of our vendors are most likely to be breached so we can take immediate action.

quote end

The results

Zero-effort deployment

UpGuard VendorRisk is a cloud-hosted solution, so there was no software deployment needed to get started. The Spaceship team was able to invite their whole team in minutes. Next, they imported a list of their vendors. Because UpGuard monitors every business with a digital footprint, the detailed results and risk scores were available immediately. The team even started “following” vendors that they were not yet using in order to proactively measure their risk.

Decreased risk of a security incident

Securing Spaceship’s own assets– and implementing ongoing monitoring to prevent any regressions– was a simple step to decreasing their risk of a data breach. After entering their own primary domain, the UpGuard cloudscanner returned a list of websites and assets associated with Spaceship. To complete their risk profile, Spaceship added their API endpoints to ensure new development would not introduce configuration risks.

Scalable onboarding process for new vendors

Prior to using UpGuard, onboarding vendors was an ad hoc process, as it often is even at much larger organizations. Administering assessment questionnaires presented too much of a time sink to be worth the benefit. With UpGuard’s automated questionnaires they could build that into the vendor onboarding process with virtually no additional effort. High risk issues were automatically flagged for review.

The initial estimate of instituting such a vendor risk management program was adding a full time employee; with UpGuard automating much of the work, an existing Spaceship employee was able to add it her onboarding process without issue.

You’re in good company

Join hundreds of companies like yours using UpGuard to manage their cyber risk, secure their data and automate their security compliance.

quote start
UpGuard helps secure the New York Stock Exchange
Before, we needed an army to reconcile all of our changes. Now, we have an automated, scalable process that strengthens our regulatory stance, expands our coverage, reduces operational risk, and allows us to continuously improve our IT operation process.
quote end
quote end

Chuck Adkins

VP of Technology
New York Stock Exchange
NASA Logo Dark NYSE Logo Light
Morningstar Logo Light Akamai Logo Light
Bill Com Logo Light IAG Logo Light ICE Logo Light ADP Logo Light

See UpGuard In Action

Book a demo with one of our cybersecurity specialists.