Neto Achieves Rapid Scaling and Success With Drata’s Comprehensive Compliance Solution

Asset - Neto - Case Study Image

Neto specializes in customer engagement through AI-powered virtual agents.

LocationLehi, Utah
IndustrySoftware Development
A case on Neto's compliance journey with Drata.

Neto’s Need for Compliance

Neto, a Utah-based AI technology company, specializes in customer engagement through its AI-powered virtual agents. Unlike traditional chatbots, Neto offers a dynamic and human-centric approach to interacting with customers across various industries like employer retention credits, influencer marketing, solar sales, coaching, and addiction recovery.

Their mission to enhance customer journeys through sophisticated AI and human interaction has positioned Neto as a leader in personalized customer experiences. Given the work that Neto does, their need for compliance is crucial for continued growth and competitive differentiation.

Finding the Right Compliance Platform

As a fast growing startup, Neto faced significant compliance challenges, particularly in entering specific industries requiring stringent data protection and privacy standards, like substance abuse support.

The need for HIPAA compliance to protect patient privacy and SOC 2 compliance to assure data security for their Fortune 500 clients was paramount. However, as a startup with a lean team of 17 members, achieving these compliance standards within their first year of operation seemed overwhelming and time-consuming—with the added setback of potentially taking away essential resources from Neto's core mission of rapid innovation and customer engagement. The necessity for HIPAA and SOC 2 compliance became a critical differentiator for Neto, setting them apart from many AI platforms that had not yet met these compliance standards.

"Achieving compliance in the early stages can be daunting for any startup—especially when there are multiple frameworks you need to comply with. Drata turned this challenge into a smooth process, setting us apart in the industry amongst our competitors. It's not just about checking boxes; it's about ensuring our technology respects and protects our users' data, setting a new standard in the AI industry."

Compliance Automation With Drata

Drata stepped in as a pivotal solution to help Neto establish their compliance program, simplifying the process with continuous automation and control testing, coupled with a plethora of technology integrations. For instance, the platform's ability to connect with Neto's tech stack, including critical services like MongoDB, GitHub, and Microsoft Azure, allowed for real-time insights into Neto's security posture, identifying potential vulnerabilities and offering recommendations for improvement. Ultimately, leveraging continuous compliance enabled Neto to work towards HIPAA and SOC 2 compliance simultaneously.

When connecting MongoDB to Neto’s systems, the Drata platform brought visibility to information that needed to be secured just by integrating those systems together. Neto referenced Drata’s resource documentation to ensure the integration was set up properly, and 10 minutes later Neto had detailed, actionable feedback on changes that needed to be made to remain in compliance.

Drata’s support team and the education resources they provide were invaluable in guiding Neto through the compliance journey, from understanding the requirements to implementing the necessary controls and processes. These resources significantly reduced the learning curve and time investment typically associated with compliance tasks. The ability to see real-time progress towards HIPAA and SOC 2 compliance on a unified dashboard provided Neto’s lean team with the motivation and visibility to prioritize and manage their compliance efforts effectively.

"The real-time insights Drata provided into our systems were game-changing. Remediating a potential security risk in our MongoDB setup through Drata's automated tests clearly laid out how valuable their platform would be to our compliance program. Drata has become an integral part of Neto's operations and their level of detail and customer support is truly what sets Drata apart."

Maximizing ROI Through Proactive Continuous Compliance

For Neto, the ability to swiftly navigate HIPAA and SOC 2 requirements without the need for extensive manual effort translated into substantial cost savings and a 5x faster time-to-market for their services. This efficiency enabled Neto to allocate more resources towards innovation and customer engagement, further driving revenue and growth for the company.

Additionally, executing on these compliance initiatives has opened new business opportunities for Neto in sensitive markets, further expanding Neto's market reach and competitive edge. The strategic advantage provided by Drata's comprehensive compliance solution has been a critical factor in Neto's rapid scaling and success, showcasing the significant ROI that effective continuous compliance automation can deliver.

As a CTO, navigating the complexities of compliance can be painful. With Drata, that perspective has shifted. Now, compliance is integrated into our development lifecycle, not as an afterthought but as a foundational aspect of our product development. It's a relief for my team and positions Neto at a strategic advantage.

Akhil Tolani


Resources for you
Image - Drataverse '24 Agenda Preview

GRC Growth: Sneak Peek Into the Drataverse ‘24 Agenda

Join us at RSA

FOMO Alert: Why You Won’t Want to Miss Drata at RSA

Harmonize Announcement

Welcoming Harmonize To the Drata Family

Be a Part of the Best

Join the thousands of companies who trust Drata with their evolving compliance needs.