How Hasura Saved 360+ Hours Getting SOC 2 Compliant With Secureframe

Hasura is a software technology company that builds developer tooling products, including open source tools, backend-as-a-service and platform-as-a-service products. 

The company’s GraphQL Engine gives customers instant GraphQL and REST APIs that unify their data and power their modern applications.

“Secureframe offers the complete package for getting your SOC 2 report fast."

Highlights

Challenges

  • Launching a new product that sat at the center of customers’ architecture.
  • Looking to demonstrate the product’s trustworthiness. 
  • Seeing compliance with SOC 2 as one way to build trust.
  • Searching for experts and tools to help them through the complex SOC 2 process.

Solutions

Secureframe provided Hasura with:

  • Software integrations that link with existing tools and automatically gather evidence of SOC 2 compliance.
  • Investigation into their current security controls, including scanning of cloud infrastructure.
  • Clear action points provided via easy-to-use online portal to address areas of vulnerability.
  • Technical requests from auditors untangled and turned into straightforward and achievable tasks.
  • Dedicated customer success manager and compliance experts always available to provide answers and expertise.

Results

  • 45 days of manual work saved.
  • Just 3 months to go from zero compliance to being SOC 2 compliant.
  • Blown away by the always-there support they received from Secureframe.

Challenges

Keen to demonstrate the trustworthiness of a newly launched product through compliance with SOC 2

When SaaS business Hasura developed a powerful new digital product that sits at the center of customers’ data architecture, they knew that demonstrating the product’s trustworthiness would be key to its success.

quote-icon

“Security is of the utmost importance to our customers,” says the compliance team at Hasura. “We were going after a lot of healthcare, insurance, and financial services companies and their first question was always whether we had best-in-class security controls in place and our products were secure.”

One way to build vital trust in Hasura’s new solution was through compliance with industry standards such as SOC2. 

quote-icon

“It was always on our timeline to become SOC 2 compliant and demonstrate strict controls,” says the team. “As we prepared to launch the new product, it became super-high priority that we proactively get that compliance done, rather than waiting and creating more work and issues further down the line.”

As it was Hasura’s first time pursuing SOC 2, and they knew the process was complex and specialized, they began looking for specialists and tools that could help them.

That’s when they discovered Secureframe—an innovative solution that helps automate SOC 2 compliance.

quote-icon

“As we prepared to launch the new product, it became super-high priority that we proactively get that compliance done.”

Solutions

Getting and staying SOC 2 compliant, with less effort and distraction for Hasura’s busy team

When another Secureframe customer—whose judgment Hasura trusted completely—recommended Secureframe, they were eager to investigate. 

After reaching out to Secureframe, Hasura jumped on a kick-off call and never looked back. They appreciated that Secureframe’s solution not only incorporated an easy-to-use digital platform to automate and streamline SOC 2, but also a dedicated customer success manager to lead Hasura through the process.

Secureframe had such a tried-and-trusted process, they told Hasura they could deliver a SOC 2 report in a matter of weeks.

First, Secureframe reviewed Hasura’s existing controls, including scanning the company’s cloud infrastructure. From there, they outlined key areas for Hasura to focus on and worked with them to develop robust compliance policies. Using its intuitive online platform, Secureframe laid out key action points for the team to complete over the coming weeks in order to be fully prepared for audit. 

As the audit drew nearer, Secureframe made the auditor’s lengthy and technical list of 250 document requests more manageable with automated evidence collection.

quote-icon

“One of the challenges of passing these kinds of audits is that the language is incredibly technical,” says the team. Secureframe simplified that auditor language, broke it down into tasks we could understand and follow, and used a simple dashboard to ensure everyone was doing what was required. Many of the tasks we’d otherwise have needed to do manually were automated thanks to Secureframe’s features and integrations, so we were ready for the audit quickly and with less effort on our part.”

Results

45 days of manual work saved, faster sales cycles, and the foundations laid for future growth

Hasura’s team saved a month and a half of work and effort by partnering with Secureframe to achieve their SOC 2 report. 

quote-icon

“We derived a lot of value from Secureframe’s product and our engagement with their team,” says Hasura’s Compliance team. “Instead of having to figure things out for ourselves, we could use Secureframe’s tools to automate much of the process and turn to their team for advice when we needed them. I’d estimate we saved a month and a half, for sure.”

SOC 2 brings reassurance to prospects that Hasura and its products are secure.

quote-icon

“Being able to provide SOC 2 in the RFIs of potential clients has enabled us to speed up the sales cycle,” says the team. “The availability of a SOC2 report has meant we have audited third-party-certified answers to most of the security questions that an IT department poses.” 

Alongside the weeks of time saved, Hasura appreciates the hands-on, always-there support they received from Secureframe. 

quote-icon

“Secureframe handled so many pieces of the SOC 2 process for us that we didn’t have the technical knowhow to do,” says the team. “We’d 100% recommend Secureframe. Secureframe is the complete package and made our lives at Hasura a lot easier.”

Want to become secure and compliant at lightning speed and with no stress?

Secureframe can help.