Pilot’s solution focuses on distributed global payroll and HR operations. Ensuring that employees are paid the right amount of money at the right time is a very important job, and customers entrust us with sensitive, personal information in order to perform this function. We launched the company with security and privacy at the forefront for this very reason.
We saw SOC 2 as an opportunity to effectively prove out our comprehensive security program to customers and prospects. We had much of what we needed in place – now it was just a matter of going through the audit readiness process and filling in any gaps.
We compared Drata to a legacy player in the space when considering a compliance automation provider. What struck us from the very beginning was just how incredibly quick and responsive the team was. Obtaining SOC 2 was something we wanted to get done as soon as possible, and we felt confident that Drata had the team to help us get there. Considering our aggressive timeline, we also knew that we’d require a high level of support and accessibility. Between Drata’s customer support and our auditor partner, Schneider Downs, we received relevant help and expertise every step of the way.
Aside from the team, the product itself had a clean user interface and features like a personnel grid view and in-platform policy editor that really helped in removing complexity and confusion from the process.
From prep to audit to receiving the report, the total process took about two months for us. One month to get all of our controls in order, and another month for the auditor to do their job. Without Drata, we estimate that a manual process would have taken us around 4 times longer, or 8 months total.
Drata’s technology allowed us to take an easy, step-by-step approach that we found enormously helpful. Once our integrations were set up, the majority of our controls were monitored autonomously and continuously, allowing us to move forward with our audit quickly and confidently.
With our successful SOC 2 Type I in hand and Drata continuously monitoring our controls, it makes sense to roll right into SOC 2 Type II. Between Drata, our auditor partners, and Pilot’s strong commitment to security, we’ll continue to prioritize compliance and make it a central theme of how we do business.
We wanted to collaborate with a provider that could work at our pace. We're a fast-moving company, and we needed a compliance partner that could emulate that, both from a technology and support perspective.
Close more sales and build trust faster while eliminating the hundreds of hours of manual work that used to go into maintaining your SOC 2 report and ISO 27001 certification.