Today we are meeting with Karl Bagci, Head of Information Security at Cronofy. Cronofy is the scheduling platform for business, delivering automation to help teams organize their time effectively. They offer Scheduling APIs and UI elements that embed into your SaaS tools, integrations for popular applications, and an off-the-shelf product, the Scheduler.
What’s your title and how long have you been using Pima?
I am currently the Head of Security and Compliance for Cronofy. We have been using Pima for about six months now and it already feels like an extension of the team.
What problem were you trying to solve when you decided to use Pima?
Pima helps us solve a couple of things.
The first problem is document management. We used to have a Dropbox folder with various documents that were all signed at different times, with different naming conventions, and managed by different people - it was quite confusing. Pima has helped us to organize our documents in a way that we weren’t able to with Dropbox.
The second problem that Pima has helped us solve is our Infosec team having the same conversations or email exchanges with people. With Pima, people can request documents directly from our website without a conversation, saving us a lot of time. Shifting the information to the left is an important part of being a scalable function within a business.
What other solutions did you consider?
We looked at a few options including OneTrust, and even considered building something ourselves. Then one day, we requested a document from CircleCI who also use Pima, and we found the whole process really slick.
We could have gone the OneTrust direction and ended up paying for many tools that we don’t need or use, or just pay for this one, which solves the problems that we had.
What risks did you consider?
There was some nervousness about giving up the keys to the kingdom. It’s a mindset change to let people request documentation without somebody getting involved. You ask yourself - what if somebody abuses that process in some way?
But there are enough controls in place to prevent that from happening and we know we can manually approve requests if it comes down to it.
That being said, in practice, we’ve been using Pima for six months now and that’s not the case at all. All of the requests we’ve had have been genuine requests and Pima has helped to make the security part of the sales process a lot quicker.
What measurable benefits have you seen?
I don’t have quantitative figures, but in terms of time we’re not spending sending out documents - I feel like we’re in a much better place now! The team internally can send out Pima links, our CEO sends out links too. It’s so much simpler because customers can serve themselves.
This is truly where Pima is going to help. Tools like Pima are the key to scaling effectively. It allows us to take on more work without needing to hire more people.
What are the main teams at Cronofy using Pima?
Everybody can use Pima. The security team, sales team, and all of our support team. All support requests come into Zendesk, and I’ve written a macros for the team to use when handling compliance requests.
What do you like the most about Pima?
The software is super straightforward, you don’t have to be very technical to get started. You’d have thought that getting started would have been a bit of effort with having to configure the agreements and whatnot - but it was so straightforward, I loved that about Pima.
However, the greatest thing about Pima, and the feature I use the most is “doing nothing”. The self-serve aspect is everything. It means that when someone on the team is on vacation, customers can still receive the information they need, instead of waiting for the team to return.
