Overflow Received Their SOC 2 Type 1 Report Quickly and Experienced the Difference of Expert Compliance Support

Overflow is a stock donation platform that makes it easy for nonprofits to realize net-new giving by facilitating donations of non-cash assets such as stock and cryptocurrency.

overflow

“The level of service provided was the biggest difference. Having someone from compliance AND customer success was super helpful in bringing us along.”

Kyle Woumn, VP of Product and Engineering, Overflow

Highlights

highlights

Challenges

  • Expanding business to sell to enterprises where SOC 2 compliance is a requirement
  • Sophisticated non-profit organizations also asking to prove compliance
  • No in-house compliance expertise
highlights

Solutions

Secureframe provided Overflow with:

  • A level of service that helped Overflow complete their SOC 2 Type 1 audit
  • A dedicated compliance expert who walked them through the entire compliance process and ensured they were audit-ready quickly
  • A platform that maintains and monitors Overflow’s SaaS and 3rd party services through integrations
highlights

Results

  • Successfully received SOC 2 Type 1 report and are currently working towards SOC 2 Type 2
  • Now have the ability to land large Enterprise deals that require a SOC 2 report
  • Saved employee time and saved money by not having to hire a consultant or dedicated compliance officer

Challenges

SOC 2 compliance is a requirement to sell to large enterprises and even non-profits were starting to ask for a compliance report

quote

“Compliance was a requirement for us to get the deal across the line.”

Stock donation platform Overflow was expanding their business to sell to large Enterprises. They found a lot of early interest, but consistently ran into security compliance as a requirement. Even more sophisticated non-profits were starting to ask if they were security compliant.

With such a small team, Overflow had neither the in-house expertise to understand what the SOC 2 process required nor the time to dedicate valuable resources to getting compliant. They needed a platform that could automate a lot of the evidence gathering, but more importantly they wanted an expert partner that could help guide them through the compliance process.

Solutions

Secureframe’s expert guidance clarified the audit process and the automation platform enabled them to get audit-ready fast

quote

“The #1 reason to go with Secureframe is the level of service that the compliance and success teams provide to help you get across the finish line to complete your audit.”

Right from the start, the compliance expert assigned to Overflow helped them get through the tedious audit readiness process. Combined with support from their dedicated customer success rep, Overflow’s compliance journey was frictionless and easy.

quote

“Generating policies was a huge lift for us. I love the templates that Secureframe was able to provide so I didn’t start from scratch.”

Secureframe’s platform made it easy for Overflow to draft policies using templates approved by compliance experts. It was a very low lift for Kyle, who led the compliance effort, to update the policies to match Overflow’s specific business and ensure everyone at Overflow was following them.

quote

“I liked how we could connect our SaaS services and that Secureframe was able to maintain and monitor those 3rd party services we use.”

After receiving their SOC 2 Type 1, Overflow now uses Secureframe to perform continuous monitoring to ensure they maintain compliance as they pursue their SOC 2 Type 2 report.

Results

Saved time and money on compliance, closed more enterprise deals, and increased confidence when speaking to prospects about security

quote

“In terms of time saved and money saved, by having Secureframe we didn't have to hire someone full time or hire a consultant.”

Secureframe’s automation platform and expert guidance helped Overflow get compliant with fewer resources. Hiring a consultant or a full-time security officer would have brought in compliance knowledge, but it would have been a lot more costly while still requiring a lot of manual work for Overflow’s team.

quote

“This is table stakes for Enterprise companies. By being SOC 2 compliant, we’re easily able to get through the security process quickly.”

With their SOC 2 Type 1 report in hand, Overflow knows that once they have the green light to move forward on a deal at a prospect, they are able to move through the deal process quickly. This is helping them land larger Enterprise deals and shorten the sales cycle.

quote

“Having confidence and knowing that we’re getting our systems audited on a regular basis is huge.”

With Secureframe continuously monitoring their systems, Overflow’s employees can relax knowing their systems are compliant. It also gives them confidence speaking about their security posture to prospective customers.