Kinectify, an anti-money laundering compliance platform for the gaming industry, was founded in 2020. Its platform was designed to process large amounts of PII data for enterprise-level businesses. To get ahead of compliance requirements and establish trust with customers, Kinectify’s CTO, Mike Calvin, wanted to demonstrate that they’re taking security seriously even before bringing their first customer onto the platform.

Having gone through the compliance process before with another firm, Mike expected that it would take about a year and hundreds of hours of executive time to get SOC 2 Type I and, ultimately, SOC 2 Type II compliant.

“In my previous experience, each executive on my team spent 30-40 hours a month over the course of a year to get compliant.”

Mike quickly learned that partnering with Secureframe drastically reduced the amount of time he and his team needed to spend getting SOC 2 compliant. Shortly after partnering with Secureframe, their assigned compliance expert kicked off the project and prepared Kinectify for the SOC 2 Type I audit readiness process. 

Automated evidence collection was implemented through Secureframe’s integrations, and Mike’s team saved at least a quarter’s worth of work by leveraging Secureframe’s existing policy templates, which have all been vetted by former auditors.

“Secureframe has a great library of existing policies that we were able to build off of. That was a huge help and a real kick starter, saving at least a quarter’s worth of work by the CEO and CTO.”

Once all activities in the Secureframe platform were complete, Kinectify used an auditor from Secureframe’s network to complete their SOC 2 Type I report. Due to the auditor’s familiarity with Secureframe’s platform, Kinectify was able to offload a majority of the back-and-forth and evidence gathering to the platform. This made getting SOC 2 Type I compliant much faster and easier than Mike expected.

“The SOC 2 Type I felt almost anti-climactic. We engaged the auditor, we didn’t talk to them for a couple of weeks, and then they were ready to write the report. The automated evidence collection really minimized the interaction we needed to have with our auditors."

Less than a year later, Kinectify was ready to get their SOC 2 Type II report. Leveraging their partnership with Secureframe, they were able to establish a relationship with a new audit firm, Prescient. Prescient’s experience and usage of Secureframe’s platform significantly minimized the back and forth between Mike’s team and the auditor. 

“All in all, we probably spent less than 5 hours with them — outside of what we already allocated to keeping our compliance readiness in check in Secureframe — to achieve Type II. It couldn’t have been a smoother process for us.”

Less than three months after kickoff with their Secureframe compliance expert, Kinectify had a SOC 2 Type I report in hand. Next June, they began their engagement with Prescient and got their SOC 2 Type II report by the end of July.

“We spent less time achieving SOC 2 Type I and II with Secureframe and Prescient than I spent achieving Type I with a previous organization.”

As a young company, having these reports were crucial to closing large deals quickly. With them, they could quickly prove their strong security posture and speed up sales cycles.

“We’ve landed major contracts with the top 10 gaming companies that would’ve still been in the vendor acceptance process if we didn’t have the SOC 2 in place.”

Having the SOC 2 reports is a differentiator for Kinectify among their competitors and has brought peace of mind to the executive team. By checking Secureframe’s dashboard on a consistent basis, Mike can verify their compliance posture and fix any issues that are flagged by the Secureframe platform.