Because Lumiio focuses on real-world digital health data collection, we knew data protection and cybersecurity were foundational elements upon which the trust of our stakeholders is earned and maintained. We pursued SOC 2 Type 1 compliance as tangible validation of our corporate values and continued commitment to ensuring the highest levels of cybersecurity for our stakeholders, processes, and technologies.
After reviewing several platforms, we concluded that Drata was the best fit due to its focus on controls automation and reporting. The expansive list of integrations Drata has with other cloud-based software was also a deciding factor. We knew Drata’s out-of-the-box policies and controls that were mapped to Trust Services Criteria would significantly expedite efforts to configure and demonstrate evidence and requirements of SOC 2.
We’ve had a very positive experience with Drata. The team displayed great support throughout the SOC 2 Type 1 journey, answering any questions that arose on a timely basis. Drata has been a great partner in building best-in-class security frameworks, empowering us to serve our clients with a demonstrated focus on information security and data protection.
With Drata, we achieved SOC 2 Type 1 compliance in two months from start to finish, including audit time. Without Drata, this process would have taken 12-18 months with significantly more internal resources dedicated to manually collecting information compared to configuring connections, controls, and policies on the front end.
Overall, we estimate we saved approximately 85% of our time and application on achieving SOC 2 Type 1 compliance with Drata, with just 50% of the cost of internal and third-party resources necessary to maintain compliance.
Becoming SOC 2 Type 1 compliant with Drata reaffirms our commitment to best-in-class information cybersecurity. We’ll continue providing our stakeholders with the highest degree of privacy and building our robust operational model to meet and exceed the SOC 2 requirements for data protection.
Achieving our SOC 2 Type 1 with Drata is a testament to our corporate values and continued commitment to ensuring the highest levels of cybersecurity for our stakeholders, processes and technologies. Our current and future partners can have the confidence to know that we prioritize cybersecurity and have built a robust operational model to meet and exceed the SOC 2 requirements for cybersecurity.