Oyster is a mission-driven organization that bridges that gap between companies and the world’s top talent—so everyone, everywhere, has the chance to prosper. We believe distributing work opportunities can improve the health of people, communities, local economies, and the environment. Our vision is to spur a positive chain reaction around the world. But at our core, we are a technology company – a SaaS product – in the shape of a Global Employment Platform.
I’m a privacy and intellectual property attorney by trade. At Oyster, I handle our information governance program. Among other things, I deal with privacy, security, and data protection matters; I help build out all our policies and procedures that help maintain the confidentiality, integrity, and availability of our Customer and Team Member data; and I work collaboratively with all our internal teams to do so effectively.
Predominantly visibility. We do a lot in Google Drive and Slack. But we need to know exactly what’s there: you can’t protect what you can’t see. And unfortunately, most SaaS tools have very limited visibility based on their standard integrations.
For example, we can police Slack to see if people are posting information that they shouldn’t. But a tool like Metomic makes it a lot easier for us to do that. We have comprehensive visibility now across both Slack and Google Drive. We use Metomic to see what type of sensitive information is there, and it gives us different options on how to address those issues when they do pop up.
Certainly, the automations in Slack are great for us. Being able to say, ‘Here are our key risk areas. These are the rules we want to implement,’ and then having Metomic do that work for us is great. It makes our job much easier because we don’t have to do all of that manually.
But I think the key for us in working with Metomic has been the customer service. The support Metomic provides has been fantastic. Everyone we work with is readily available, and every time we come up with a feature we’d like to see, it’s always addressed and either quickly implemented, or we find other ways to make something happen, so that’s been great.
In implementing the Google Drive integration, we did find there were certain documents that contained information that we wouldn’t have wanted publicly accessible, but the documents were shared using the ‘Anyone with the link can view’ option. The challenge is that Google Drive is so easy for people to use, and most people assume that the only people with a link are the people you’re going to send it to. If the link is shared in Slack, all of a sudden, you have a sensitive document shared in Slack, with a publicly available link, and now you have two violations, instead of one. With Metomic, we were able to easily identify these risk points and remediate them.
Of course we have policies in place. But one of the keys with Metomic is being able to backstop against those policies. We tell people how to do things the correct way and we have training in place. But Metomic allows us to say, ‘Oops, it looks like you made a mistake here, so we’re going to (automatically) fix it for you.’
It’s allowed us to do things, with limited resources, that we might not have been able to do as quickly. We are making progress on longer-term goals that we simply couldn’t prioritize without the reporting and automation Metomic provides.
The two things that come to mind are ease of use and customer support.
It really was pretty turnkey. As soon as you set up the integrations, they’re available. You can go in and access everything you need. And anytime something isn’t quite right, the Metomic team has been available to help with support and to get it working the way we need it.