As a quickly growing startup, we knew that our approach to sales would change once we started to go after enterprise deals. And sure enough, we started to see some of our larger prospects asking questions about our internal security measures. We never, ever wanted this to be a blocker to building relationships and growing our company.
That said, we didn’t have anyone on the team fully dedicated to security and compliance. While meeting compliance requirements was a natural next step in becoming a better product for our enterprise customers, we knew we were going to need a strong level of support and guidance in order to get it done.
Some quick research showed us that there were numerous software solutions available on the market. We wanted something highly automated, proven, and supplemented by best-in-class support to ensure a successful audit. To be honest, we struggled a bit with choosing between a bulkier, more mature platform vs. something new with a potentially better user experience.
In the end, Drata’s demo won over our CTO, as did just how incredibly approachable the team was. We felt like Drata was going to be extremely hands-on with us and work with us every step of the way. They were patient, great listeners, and were willing to do whatever it took to ensure we were successful.
We had heard horror stories about how intense the whole audit process was, how manual and tedious. Our internal lead on this (also our head of marketing and operations!) wasn’t exactly thrilled at the thought of dealing with an endless array of screenshots and downloads.
Our concerns were immediately put to rest as soon as we accessed the platform and saw how quickly our tech integrations were set up. Onboarding was a breeze with Drata. We started clicking around right away, gained immediate visibility into our controls, and saw what we needed to collect and remediate. It was immediately impactful. From thereon, we worked closely with Drata’s customer service team to take the process one, digestible step at a time.
The experience would have gone from enjoyable and educational to downright brutal. Drata provided a level of automation that helped us get a massive headstart. The policy templates were a huge win for us in terms of time and effort, employee onboarding was seamless, and we loved how easily Schneider Downs, the audit firm that Drata recommended to us, got access to the data they needed for our audit.
The product TAUGHT US how to be a more secure company. We had to adapt our practices, take a look at what we had, and learn to think, act, and communicate as a security-focused organization. The language of security and compliance is not spoken by everyone, particularly a company of Air’s size. Drata helped translate this for us and put it into action.
Look for the platform that’s as automated as possible and one that will keep monitoring your controls even after you receive SOC 2. Daily monitoring is total peace of mind and with it, we can always see where we are, where we’ve been, and have the utmost confidence in where we’re going. We recently received our SOC 2 Type 1 report with Drata and now have exactly what we need to start going for our Type II.
Finally, it’s imperative that you pick the right partners, particularly if you’re a small company with no dedicated compliance resources. Work with a group of people you feel good about and that make you feel confident in the process.
We're leaning more and more heavily into enterprise relationships, and so the bar for our security status just continues to rise. Our team will continue to work with Drata to ensure we stay one step ahead and continue to lead in our security posture.
Close more sales and build trust faster while eliminating the hundreds of hours of manual work that used to go into maintaining your SOC 2 report and ISO 27001 certification.