In case you haven’t been paying attention to the latest GRC software trends there’s one area that many tools are working on that is increasing in popularity; integrations. Many other software categories have proven the power of integrations and it was only a matter of time before GRC software adopted the integrations strategy too. However the motivations behind incorporating integrations into a tool varies, and based on those motivations the execution of integrations varies as well.
In the GRC software space integrations are critically important to enabling companies to scale their compliance programs without scaling their headcount. The potential efficiencies to be gained from the right integrations strategy can be the difference between run-of-the-mill compliance software being used by a team of compliance managers and a small team using intelligent software to get more done with less. With Comply, we are building intelligent integrations and don’t need 100 integration logos until our customers need 100 integrations that are truly useful.
Integrations as a Strategy
Integrations are a strategy that primarily help in two areas of a business, product and marketing. Integrations intended to build a better product have the ability to also help with marketing, while integrations for the sake of marketing, don’t really improve the product.
When a company decides that integrations are going to be a part of their strategy they have 2 paths they can take; one option is to try and cover all of the various services every customer may need, the other option is to build integrations based on what customers are trying to accomplish with the integrations.
By deciding to try and cover all services for all customers the company would be focused on using integrations as a marketing and growth strategy; the more the better. This results in a large quantity of integrations that don’t provide much functionality. Integrations with Zapier and other integration aggregators are one quick way to get many integrations, and is an indicator of prioritizing quantity over quality.
It’s the old quality vs quantity debate. By focusing on utility and working on quality integrations, the company would likely pursue fewer integration options. There would be a prioritization of deep integrations with other tools that provide significant customer value and have impactful benefits.
With Comply, our primary goal is to build intelligent integrations that provide as much value as possible. We believe in quality over quantity, and prioritize integrations based on customer need and value. Our integrations go beyond simple alerting and data input; they bring in important data and make it usable, seamlessly working with our automations functionality to alleviate manual compliance work. We build integrations that send alerts and also allow completion of that alert right from the integrated tool.
Comply integrations take the difficult work of compliance and simplify it.
Integrations that simplify compliance management
There are workflow integrations in Comply to help compliance managers administer work that needs to be done and make it simple for them and their colleagues to complete tasks. Currently Comply integrates with Jira, Slack, and email to send notifications and enable evidence collection. While other tools' integrations are limited to only providing notifications, Comply allows the notification receiver to also respond, in that tool, with evidence and comments to be uploaded to Comply. With these integrations your colleagues don’t need to login to Comply to help you complete tasks, making their jobs easier and them more likely to fulfill your requests quickly.
Integrations that automate compliance management
The SaaS integrations in Comply provide a wide range of useful automations because of the way we focus on intelligent integrations. Comply integrates with services like G Suite, Okta, JumpCloud, Jamf, GitHub, GitLab, and more. Other tools have similar integrations to bring in assets, however bringing in data simply isn’t enough for us. To make our integrations useful we bring in assets and combine the data with our automations functionality to enable automating evidence collection, user access reviews, issue detection, and more. Testing controls is simple when your compliance tool has continuous monitoring and intelligent integrations that are working 24/7 to find changes, collect evidence, and surface issues.
Included in the SaaS integrations are infrastructure integrations which are developed using the same philosophy as our other integrations, making them intelligent and useful so they provide value to compliance managers. For example, our AWS integration covers IAM, RDS, S3, and EC2 with 22 different evidence collection and issue detection automations that help implement 29 different requirements across 4 frameworks. In addition the integration automates creating and maintaining an accurate inventory of people, service accounts, groups, compute, and storage assets.
Whether you're managing the day-to-day of compliance or actively preparing for an audit, Comply’s integrations will help you with automations, data, workflows, and reporting.
Deep, before wide
Our strategy with Comply is to go deep with our integrations. We believe that compliance software should be simple, intelligent, and complete. If that resonates with you, contact us for a demo. We’d love to show you how intelligent integrations fit into our end-to-end compliance management platform.