How Headcount365 Got SOC 2 Compliant in 30 Days

Headcount365 is the first software to connect finance, recruiting, hiring managers, and HR teams to a single source of truth (SSOT) platform to manage headcount. By moving from spreadsheets, executives get instant access to data previously unavailable while retaining their current HR tech stack. Headcount365 eliminates the need for premature implementations of expensive and cumbersome ERP solutions while producing better results for the growth stage and mid-market companies.

headcount

“It took less than 30 days to go from signing with Secureframe to having our SOC 2 Type I report in hand. This enabled us to sell to large companies that have strict security requirements.”

Scott Eichengrun, COO, Headcount365

Highlights

highlights

Challenges

  • Headcount365’s enterprise customers required SOC 2 compliance.
  • Alternative options to get SOC 2 compliant cost significantly more than Secureframe.
  • Lost a deal because they weren’t SOC 2 compliant.
highlights

Solutions

Secureframe supported Headcount365 with: 

  • Strong support from Secureframe’s compliance expert and customer success manager.
  • A platform that makes the entire SOC 2 process straightforward and easy.
  • Full visibility into their SOC 2 status and areas to focus on with features like personnel management, vendor integrations, and automated tests.
highlights

Results

  • Got SOC 2 Type I compliant in 30 days.
  • Have confidence that they can pass any future security review quickly.
  • Signed on to get GDPR compliant knowing the process will be straightforward.

Challenges

Headcount365 lost a deal because they didn’t have a SOC 2 report. They wanted to get it done quickly for future deals, but knew they needed advice and guidance to do so.

Headcount365 is recruiting management software that can be used by companies of all sizes, but they sell mostly to enterprise customers with strong security standards.

quote

“We started looking for a product that would help us get SOC 2 compliant because many of our prospects were asking for SOC 2. We had a deal fall through and decided it would help us with future deals to get SOC 2 compliant,” said Scott Eichengrun, co-founder of Headcount365.

After looking at a few options, some of which cost $15,000 more than Secureframe, Eichengrun decided to move forward with the Secureframe platform.

Solutions

Secureframe’s platform combined with customer support and compliance expertise made the SOC 2 process simple and easy.

From the moment they were onboarded to receiving their SOC 2 report, Eichengrun felt supported by Secureframe’s team.

quote

“People are Secureframe’s strongest asset. The compliance expert I worked with was amazing and he helped walk me through the process. I also couldn’t have asked for more from our assigned customer success person. He was very responsive and helpful whenever I had a question. Between the two, I felt supported the entire time.”

Eichengrun also found the Secureframe platform straightforward and easy to use. 

Many of the features in Secureframe’s platform made the process simple:

  1. Personnel management stood out to him as he could go to a single place in the platform, see everyone on his team, and see if they’ve done the work required. 
  2. Vendor integrations automatically pull compliance information, which saves the Headcount365 team hours of valuable time. 
  3. Automated tests make it easy for Headcount365’s team to know how to progress through the readiness steps
  4. The dashboard gave Eichengrun the ability to see how far along he was in the compliance process at a glance.
quote

“The platform works well. I’m able to navigate it easily, see relevant information to complete each test, and have a simple interface to upload evidence for our auditors. It leaves me feeling confident that we are prepared to pass our audit the first time. Secureframe really simplified the SOC 2 process.”

Results

Headcount365’s motivated team was able to sign with Secureframe and have a SOC 2 Type I report in hand in 30 days. Now they are pursuing SOC 2 Type II and GDPR compliance.

Even with a small team, Headcount365 was able to get SOC 2 Type I compliant in 30 days with Secureframe.

Now, the Headcount365 team is confident that with a SOC 2 report in hand, they can quickly pass even the strictest security audits and move the sales cycle along faster.

quote

“We no longer have any concerns about passing security audits. Our team knows that our deals will not be blocked by having our SOC 2 report. It speeds everything along and makes the security audit process super simple.”

Next, Headcount365 is in the process of getting a SOC 2 Type II and also using Secureframe to help them get GDPR compliant. And Secureframe’s proprietary GDPR videos are helping ensure their employees get and stay compliant