Optify Saved Hundreds of Hours and Gained New Business by Getting Their SOC 2 Report with Secureframe’s Expert Guidance
Optify is a software platform and coaching service that enables transformational leadership development – empowering coaches, teams and individuals to reach their fullest potential. Optify brings together decades of experience in leadership coaching, technology, business growth, organizational development and operations. They believe that great leaders—paired with great coaching and tools—can change the working world.
“[Secureframe] streamlines the [SOC 2] process and makes it easier and less expensive than preparing on your own.”Pam Krulitz, CEO and Co-Founder, Optify
- Customers, both private coaches and large organizations, wanted proof that Optify’s SaaS platform is secure
- Required to fill out security questionnaires even though they don’t handle sensitive data
- Countless hours spent filling out security questionnaires as each one was slightly different, which burdened the small team
Secureframe provided Optify with:
- A SaaS platform that made the SOC 2 process tangible and visible
- Clarity around the audit process and a predictable set of tasks to complete the SOC 2 audit
- The ability to get SOC 2 compliant without paying for an expensive consultant
- Personalized introductions to auditors, which saved time on research
- Consistent check-in meetings to ensure a SOC 2 report was achieved
- The peace of mind to go at their own pace to complete audit-related tasks
- An organization that wouldn’t purchase from them a year prior now wants to partner with Optify on a large contract now that they have their SOC 2 report
- Got through a customer’s technical review of Optify’s security in 5 minutes with knowledge gained from the SOC 2 audit process
- Greater credibility when speaking about Optify’s security posture to customers
- Executive team has greater confidence walking into business development conversations
Small team required to spend hours filling out security questionnaires to get business even though they don’t handle sensitive data
“We were going to get asked over and over again to jump through all of the security hoops to prove that it was a secure product.”
Optify, a coaching solutions provider that created an online coaching platform, was quickly learning that potential customers, both private coaches and large organizations, wanted proof that Optify’s online platform was keeping their data secure.
The biggest headache for the team was that each security questionnaire was different, so copy-and-pasting answers was not possible. They are also a small team, so the countless hours spent filling out security questionnaires was a major burden and slowing growth.
“I talked to consultants who would help prepare us for an audit and it just seemed overwhelmingly expensive. I was getting quotes of $30,000 to $40,000 to get us ready.”
One way to build rapid trust in their platform was to obtain compliance with industry standards such as SOC 2.
Optify decided to get SOC 2 certified to streamline the security questions. By sending the SOC 2 report when security questions came up, it put the onus back on the prospect to go through and see if they have any questions beyond what's in the audit report.
However, hiring a consultant to prepare for the audit was not only expensive, there was no visibility into the audit process and what was actually being done by the consultants.
Secureframe’s platform and services provides clarity around the audit process and a predictable set of tasks to complete the SOC 2 audit
“During the initial conversations, just seeing the software that [Secureframe provides] made me confident that it was a finite process and the process would be really clear.”
Pam, Optify’s CEO and founder, learned about Secureframe through a personal connection and quickly realized that the concerns she had with using a consultant would be eased by Secureframe’s platform, which made all of the steps to get SOC 2 compliant clear.
The expertise provided by Secureframe’s dedicated compliance and customer success teams also gave Pam confidence that they could make it through the process and receive their SOC 2 audit report.
Secureframe also provided a list of preferred auditors, which Pam appreciated as it meant they did not have to spend too much time doing research and finding an auditor on their own.
“We were setting our own internal milestones and working at the pace that worked for us.”
Optify was able to get audit-ready in a timeframe that worked for them. Secureframe’s support team was on call over Slack to answer any questions and had regularly scheduled check-ins to keep the company on track.
With Secureframe’s deep expertise, support, and guidance, Optify received their SOC 2 report at the pace they wanted.
Hundreds of hours saved bypassing security questionnaires, increased confidence when speaking to prospects about their security, and a better overall security posture
“If we didn't have Secureframe, how would we have gotten there… I'm not even sure.”
Receiving a SOC 2 report is a long process that requires diligent and consistent work. With Secureframe’s help, both from the technology and customer support side, Optify stayed on track to get SOC 2 ready, go through the audit, and receive their report.
Having the report has unlocked many large deals for Optify. In one instance, an organization that wouldn’t purchase from them a year prior now wants to partner with Optify on a large contract now that they have their SOC 2 report.
“Because of the audit readiness process I just feel prepared. I feel competent to respond to questions.”
Answering a few technical questions on a call or in a meeting can go a long way to proving an organization takes security and compliance seriously.
After going through the audit process, Pam and her team went into a customer’s technical review of Optify’s security posture and were able to reduce the meeting to five minutes by mentioning they were getting their SOC 2 report and confidently answering a few questions.
“Along the way it made us a more secure and better functioning organization”
Finally, going through the audit readiness process made Optify a better functioning organization. The SOC 2 audit process is meant to ensure an organization is following the best practices when it comes to security compliance and, for Optify, it highlighted areas where they could be more secure.
Now, with their SOC 2 report in hand and Secureframe continuously monitoring their state of compliance for the future, Optify can focus on growing their business.