“Secureframe streamlines the SOC 2 process and makes it easier and less expensive than preparing on your own.”
Pam Krulitz, CEO and Co-Founder, Optify
Optify is a software platform and coaching service that enables transformational leadership development – empowering coaches, teams and individuals to reach their fullest potential. Optify brings together decades of experience in leadership coaching, technology, business growth, organizational development and operations. They believe that great leaders—paired with great coaching and tools—can change the working world.
“Secureframe streamlines the SOC 2 process and makes it easier and less expensive than preparing on your own.”
Pam Krulitz, CEO and Co-Founder, Optify
Secureframe provided Optify with:
“We were going to get asked over and over again to jump through all of the security hoops to prove that it was a secure product.”
Optify, a coaching solutions provider that created an online coaching platform, was quickly learning that potential customers, both private coaches and large organizations, wanted proof that Optify’s online platform was keeping their data secure.
The biggest headache for the team was that each security questionnaire was different, so copy-and-pasting answers was not possible. They are also a small team, so the countless hours spent filling out security questionnaires was a major burden and slowing growth.
One way to build rapid trust in their platform was to obtain compliance with industry standards such as SOC 2.
Optify decided to get SOC 2 compliant to streamline the security questions. By sending the SOC 2 report when security questions came up, it put the onus back on the prospect to go through and see if they have any questions beyond what's in the audit report.
However, hiring a consultant to prepare for the audit was not only expensive, there was no visibility into the audit process and what was actually being done by the consultants.
“I talked to consultants who would help prepare us for an audit and it just seemed overwhelmingly expensive. I was getting quotes of $30,000 to $40,000 to get us ready.”
Pam, Optify’s CEO and founder, learned about Secureframe through a personal connection and quickly realized that the concerns she had with using a consultant would be eased by Secureframe’s platform, which made all of the steps to get SOC 2 compliant clear.
“During the initial conversations, just seeing the software that [Secureframe provides] made me confident that it was a finite process and the process would be really clear.”
The expertise provided by Secureframe’s dedicated compliance and customer success teams also gave Pam confidence that they could make it through the process and receive their SOC 2 audit report.
Secureframe also provided a list of preferred auditors, which Pam appreciated as it meant they did not have to spend too much time doing research and finding an auditor on their own.
Optify was able to get audit-ready in a timeframe that worked for them. Secureframe’s support team was on call over Slack to answer any questions and had regularly scheduled check-ins to keep the company on track.
“We were setting our own internal milestones and working at the pace that worked for us.”
Receiving a SOC 2 report is a long process that requires diligent and consistent work. With Secureframe’s help, both from the technology and customer support side, Optify stayed on track to get SOC 2 ready, go through the audit, and receive their report.
“If we didn't have Secureframe, how would we have gotten there… I'm not even sure.”
Having the report has unlocked many large deals for Optify. In one instance, an organization that wouldn’t purchase from them a year prior now wants to partner with Optify on a large contract now that they have their SOC 2 report.
After going through the audit process, Pam and her team were able to answer technical questions on calls with prospects and customers, which went a long way to proving an organization takes security and compliance seriously.
For example, Pam and her team went into a customer’s technical review of Optify’s security posture and were able to reduce the meeting to five minutes by mentioning they were getting their SOC 2 report and confidently answering a few questions.
“Because of the audit readiness process I just feel prepared. I feel competent to respond to questions.”
Finally, going through the audit readiness process made Optify a better functioning organization. The SOC 2 audit process is meant to ensure an organization is following the best practices when it comes to security compliance and, for Optify, it highlighted areas where they could be more secure.
“Along the way it made us a more secure and better functioning organization”
Now, with their SOC 2 report in hand and Secureframe continuously monitoring their state of compliance for the future, Optify can focus on growing their business.