How Plane Used SOC 2 to Prove Their Commitment to Security

Asset plane v2

Plane helps companies hire anywhere. With Plane, US-based businesses can easily take care of payroll, benefits, compliance and onboarding for remote teams. All in one, secure platform. Plane is a Y Combinator company.

LocationSan Francisco, CA
IndustryHR Tech
A case of a company obtaining compliance 4x faster by working with an automation solution.

The Value of SOC 2

Plane’s solution focuses on distributed global payroll and HR operations. Ensuring that employees are paid the right amount of money at the right time is a very important job, and customers entrust us with sensitive, personal information in order to perform this function. We launched the company with security and privacy at the forefront for this very reason.

We saw SOC 2 as an opportunity to effectively prove out our comprehensive security program to customers and prospects. We had much of what we needed in place – now it was just a matter of going through the audit readiness process and filling in any gaps.

Why Drata?

We compared Drata to a legacy player in the space when considering a compliance automation provider. What struck us from the very beginning was just how incredibly quick and responsive the team was. Obtaining SOC 2 was something we wanted to get done as soon as possible, and we felt confident that Drata had the team to help us get there. Considering our aggressive timeline, we also knew that we’d require a high level of support and accessibility. Between Drata’s customer support and our auditor partner, Schneider Downs, we received relevant help and expertise every step of the way.

Aside from the team, the product itself had a clean user interface and features like a personnel grid view and in-platform policy editor that really helped in removing complexity and confusion from the process.

The Audit Experience

From prep to audit to receiving the report, the total process took about two months for us. One month to get all of our controls in order, and another month for the auditor to do their job. Without Drata, we estimate that a manual process would have taken us around 4 times longer, or 8 months total.

Drata’s technology allowed us to take an easy, step-by-step approach that we found enormously helpful. Once our integrations were set up, the majority of our controls were monitored autonomously and continuously, allowing us to move forward with our audit quickly and confidently.

What’s Next for Plane?

With our successful SOC 2 Type I in hand and Drata continuously monitoring our controls, it makes sense to roll right into SOC 2 Type II. Between Drata, our auditor partners, and Plane’s strong commitment to security, we’ll continue to prioritize compliance and make it a central theme of how we do business.

We wanted to collaborate with a provider that could work at our pace. We're a fast-moving company, and we needed a compliance partner that could emulate that, both from a technology and support perspective.

Matt Drozdzynski

Founder & CEO, Plane

Resources for you
New Launches From Drataverse

New Launches From Drataverse: Chart Your Course

Highlights From Drataverse: Chart Your Course

Highlights From Drataverse: Chart Your Course

Image - SOC 2 penetration test list

Penetration Tests and SOC 2: Preference, Tradition, or Requirement?

Be a Part of the Best

Join the thousands of companies who trust Drata with their evolving compliance needs.