Qualys - Security On Demand
CASE STUDY: RightNow Technologies

RightNow Technologies Overview

Business: Customer Relationship Management
Employees: 403
Revenue: $61.8 million
Web site: www.rightnow.com

Business Need

RightNowÂ’s customers were increasingly asking their vendors to prove their IT security due diligence.


QualysGuard Enterprise

Risk Reduction: RightNow Technologies Finds A Better Way

Leading on demand customer relationship management company, RightNow Technologies upgrades its vulnerability management initiative to more effectively reduce risk and build customer loyalty.

RightNow Technologies, Inc. knows how to manage relationships. The company's on demand customer relationship management software is used to efficiently help improve the customer service of more than 1,300 other organizations worldwide. Its CRM solutions manage all types of customer interactions, whether they're through phone, e-mail, Web, or Internet chat. And the company's intelligent and patented knowledge base provides extremely accurate customer interaction management for its users' customer service, sales, and marketing initiatives.

RightNow Technologies knows how to ensure that its customers get the best information they need to make intelligent decisions the very moment they need it. And that's exactly the type of actionable information RightNow demanded for its own information security efforts.

"Qualys' on-demand delivery model is a key differentiator. It's why we were able to get up and running in a couple of hours."

Ben Nelson, CISO,
RightNow Technologies

Regulatory Compliance Drives Need for Effective Vulnerability Management; Requires Better Efficiency Than That Provided By Open Source Tools

"Security and regulatory compliance are hot," says Ben Nelson, RightNow Technologies' corporate information security officer. And he'd certainly know, because RightNow services companies in some of the most regulated and security conscious sectors, such as health care, financial services, and government. "Our customers are becoming more security conscious and are starting to come back to us with requirements to meet their particular data security standards," he says.

An important part of those requirements includes remedying software vulnerabilities that can create dangerous security gaps within any business-technology infrastructure.

Security Due Diligence Builds Customer Trust

And that's more important now than ever. Substantiating organizational information security due diligence to partners, customers, and suppliers has become the norm—a necessity of doing business. Today's increasingly regulated business environment, and the heightened awareness of information security breaches, is causing more businesses to ask their partners and suppliers tough probing questions about how they keep their systems secure and compliant. "The requests for this type of information have risen about tenfold in the last year," says Nelson.

RightNow Evaluates Top Five Commercial Vulnerability Scanners

To find a solution, Nelson and his team set out to evaluate the top five commercial vulnerability scanners. Initially, the tools proved disappointing, too. "None of them seemed to do everything that we needed," he says. "While they provided one-time scan and reporting functionality, only a few provided a way to track vulnerability remediation workflow. And the reports they generated were often lacking," Nelson says. Except one. After extensive evaluation, RightNow selected QualysGuard Enterprise, from the on demand vulnerability management provider Qualys, Inc.

"Qualys was the only vendor that provided the complete 360-degree cycle of discovery, remediation, tracking, and reporting in one service," he says. "Qualys gives us the complete view we need."

Qualys' on demand delivery model also gives companies like RightNow accuracy and flexibility in vulnerability scanning, with no costly infrastructure to deploy or manage.

"There was no integration, and the installation was painless," says Nelson.