“Regard your good name as the richest jewel you can possibly be possessed of, for credit is like fire. When once you have kindled it you may easily preserve it, but if you once extinguish it, you will find it an arduous task to rekindle it again.”

- Socrates

If there is any organization that understands this ancient Greek wisdom, it is Reputation.

Through their platform, businesses can manage reviews, administer surveys, monitor social media mentions, and analyze customer interaction channels to improve their online image and drive sales. The platform’s analytics and reporting capabilities provide insights into customer sentiment and areas for improvement, aiding in decision-making and strategy development.

The business case

“At Reputation, our customers’ trust is our most precious asset. Leveraging artificial intelligence tools to accelerate operations, reduce costs and provide a better experience to our users is a top priority. At the same time, doing so responsibly while protecting our data - and that of our users - is equally important. Walter and the StackAware team have a deep understanding of these challenges and delivered a superb AI risk assessment that sets us up for success. The StackAware team is a great choice for identifying and mitigating risk while rolling out AI-powered tools.”

- Jason Grier, Chief Operating and Chief Product Officer, Reputation

The company’s need to ingest and analyze many sources of structured and unstructured data made Reputation an ideal early implementer of artificial intelligence (AI) technologies. The company leveraged them to deliver value to its customers when:

• powering search

• improving customer experience

• deriving insights from vast data sources

“Our product and engineering teams are moving at Mach 7 to launch new features for our customers. Enabling them to deploy securely, rather than slowing them down, is our team’s main goal. Walter completely understood and embraced this philosophy. Every recommendation he made as part of StackAware’s assessment was tailored to maximize business value delivery while managing AI risk responsibly.”

- Honey McGinley, Information Security Analyst, Reputation

AI governance, security, and privacy challenges

As with any new technology, the rapid deployment of artificial intelligence systems brings complications and potential risks.

SOC 2 and ISO 27001 compliance

Just like it leans into deploying AI systems, Reputation proactively communicates its security posture to prospects, users, and auditors. Through the SOC 2 attestation and ISO 27001 certification processes, the company demonstrates its commitment to industry best practices, accelerating due diligence when working with potential new customers.

As a result, a key consideration for the Reputation team was ensuring rapid AI technological developments did not complicate future audits.  

Controlling and protecting sensitive data

The company's intellectual property powers its competitive edge, making safeguarding it an existential concern. Reputation’s customers - as well as its customers’ customers - rely on the platform to protect their information. This made data security another important concern. Third and even fourth party AI risks related to unintended training and data retention were thus top of mind. Having a trusted partner who could run these concerns to ground was critical.

Refer a friend

Maintaining user privacy and adhering to GDPR

Being a global company meant Reputation needed to pay close attention to data privacy regulations across the world, especially the European Union General Data Protection Regulation (GDPR). More broadly, Reputation is committed to being a responsible steward of user privacy. Governing the use of personal information thus also topped the list of AI-related concerns.

“If you need concise and actionable multi-threaded analysis that addresses key compliance and privacy concerns, StackAware is the obvious choice. Walter and team have a deep understanding of the underlying frameworks and regulations while at the same time can offer realistic and timely advice at how to adhere to them, all the while maintaining and building customer trust.”

- Martin Sims, Senior Privacy Counsel, Reputation

The assessment process

Understanding how complex the terrain is becoming, the Reputation security team brought StackAware aboard to help them navigate it safely

Our journey began with a meticulous analysis of the Reputation platform’s operational dynamics. Understanding the pivotal role of AI in analyzing vast swathes of customer feedback and automating responses, we tailored a risk assessment blueprint to ensure seamless alignment with their business objectives.

The analytical phase encompassed a thorough review of Reputation’s AI tools, policy documentation, and security protocols. Our aim was to construct a comprehensive picture of the risk surface, delving into the realms of security, privacy, and compliance without impeding the pace of innovation.

In an exhaustive 30-day sprint, we crafted remediation strategies and outlined a roadmap to fortify Reputation’s AI (and broader technological) infrastructure. Our deliverables - a machine-readable risk register, coupled with a detailed live presentation - gave the company actionable recommendations for managing their risk while meeting business needs.

“We continue to securely and thoughtfully integrate artificial intelligence tools, both internally-developed and third-party, at various stages of deployment across the company. The StackAware AI risk assessment was absolutely crucial to identifying the top challenges and determining how to address them. Walter’s expertise across cybersecurity, compliance, and privacy issues is unmatched.”

- Larry Smith, Senior Manager, Information Security, Reputation

Conclusion

Managing risk stemming from AI-powered products and systems is the reason StackAware exists. With our deep experience across enterprise software vendors, supporting heavily-regulated industries, as well as serving in the U.S. intelligence community and military, we are at ease in complex and ambiguous situations.

Our core mission is to let clients thrive on the digital frontier while upholding the highest standards of security and compliance.

Ready to see how we can help?

Get your Data Defense Blueprint