Modernizing service delivery and vulnerability response

Disrupting payments and traditional lending
Latitude Financial (Latitude) is a leading consumer instalments and lending business, providing innovative products and services to merchants, commercial partners, and over 2.8 million customers across Australia, New Zealand, Asia, and North America.

Latitude’s mission is to enhance financial access and inclusion as a responsible partner in money. Integral to this are informed and engaged employees, supported by a powerful service delivery platform.

In the past, inadequate workflow automation in the business’s legacy tool caused slow response times to a large volume of incidents and a backlog of work. Different teams created their own spreadsheets to capture information on cybersecurity threats and vulnerabilities, which were then sent to a service provider to carry out vulnerability remediation. This siloed and manual process lacked the necessary visibility and precision to quickly identify and prioritize threats, negatively impacting the business’s security.

“As a regulated entity in the financial services industry, we are subject to the requirements of the Information Security Act. Managing risks is not possible unless we understand what our vulnerabilities and threats are,” says Tony Wilson, Latitude’s Chief Information Security Officer. “There was also no accurate asset registry, so this created problems in information security and in the technology space.”

Detecting vulnerabilities in hours
Latitude had used a legacy tool to scan vulnerabilities and generate multiple spreadsheets to collate reports. Each team passed the spreadsheets to the service provider to verify the accuracy of data, such as confirming which assets in the asset register were exempt from patching.

“This process was extremely inefficient and labor intensive and caused delays that increased exposure. There was also no single source of truth about how many vulnerabilities we faced,” says Tony.

Using ServiceNow Vulnerability Response, the new process automatically ingests scanned data, so Tony and his team can now identify potential vulnerabilities in real time, empowering Latitude with accurate reporting and risk scoring. This also allowed teams to focus on managing the process and fixing issues, instead of generating spreadsheets.

“We used to run vulnerability scans once a week. With ServiceNow Vulnerability Response, we can perform a scan every four hours and respond to threats almost immediately,” says Tony. “With such efficiency gains, three staff members have been freed up and redeployed to higher-value tasks.” 

Automating the data feed from ServiceNow into a third-party privacy platform to deliver accurate data associated with assets, the IT team can now easily identify assets that are critical or sensitive, and determine the security control required for them. 

“Control assessment is a requirement of the Information Security Act. ServiceNow enables us to take faster action for vulnerability remediation activity and ensure our security policy is aligned with regulatory needs,” says Tony. 

Tripling the speed of service delivery to employees
In the past, it could take ten days to close an incident due to the lack of automation between teams. With almost 1,250 interactions going through the service desk weekly, it became unsustainable for the support service team to manage such a high volume of requests. After deploying ServiceNow IT Service Management (ITSM), employees can simply log their requests or track status via the ServiceNow employee experience portal, Latitude 360. 

“With ServiceNow ITSM, we have tripled the speed of service delivery and can close an incident in just three days instead of ten. This is transformational for our organization,” says Erhan Stephenson, Head of Enterprise Service Management at Latitude. “The response bottleneck is a thing of the past, which is reflected in our weekly employee satisfaction rating that has improved from 80% to 98%. 

“We have to adapt processes depending on employee requirements. ServiceNow is out-of-the-box and we can optimize processes or even retrofit where necessary.”

Accelerating offboarding processes
Previously, Latitude was unable to satisfy stringent requirements to offboard users within 24 hours. Latitude leverages ServiceNow Integration Hub to automate workflows between ServiceNow ITSM, Workday, and Microsoft Active Directory with up to 60 supportive systems. It can now quickly process HR requests such as terminating access for leavers, and meet tolerance requirements established by the board.

With integration, Latitude is developing individualized vendor management dashboards. This visibility enables internal stakeholders to monitor their specific vendors’ service performance in real time, reducing more than 160 days of effort across the year in developing these reports.

Latitude then turned to Thirdera, an experienced pure-play ServiceNow partner, to roll out ServiceNow ITSM Professional and leverage its Virtual Agent (chatbot), Performance Analytics, and Predictive Intelligence (AI) capabilities to further optimize processes and elevate employee satisfaction to the next level.

Thirdera delivered the ITSM process configuration within the project timeline, and over the last three years has also provided a strategic roadmap to unlock value in other parts of Latitude’s organization. 

Faster response to audits and compliance
Latitude needed to review high-risk software suppliers every quarter. The effort to define the licence position was laborious with the legacy tool – the snapshot of data required for review could be out of date within days. Latitude needed to automate the tracking of software licenses across the enterprise and meet license compliance. 

When ServiceNow Software Asset Management with Service Mapping is deployed in phase two of the project, the IT team anticipates discovering up to 90% of software licenses for all assets rather than just 50% using the legacy tool. “Software Asset Management provides us real-time insight into license compliance and ensures our software suppliers conform with their license obligations,” Erhan explains. 

“Once we have fully configured, discovered, and automated the lifecycle of all our software assets with ServiceNow over the next few months, we will be able to respond faster to internal and external audits and avoid licensing costs; we can expect to avoid millions of dollars in unbudgeted software costs,” predicts Erhan. 

“One of the biggest takeaways from deploying ServiceNow is building trust with our employees,” says Erhan. “They know when they come to us; things are getting done. The result is they’re updated, informed, and engaged.”

Download PDF