How PerkUp Reduced Their Sales Cycle by 2 to 3 Weeks After Achieving SOC 2 Compliance, and Why They Will Confidently Tackle GDPR with Secureframe Next


PerkUp is an all-in-one enterprise gifting platform that allows employers to send incredible gifts to their employees around the globe. Learn more at


“Secureframe is a very user-friendly platform and has a great UI/UX. I can confidently say that the platform is so easy and it has everything you need to make getting SOC 2 [compliance] fast.”

Thomas Mirmotahari, CEO and Co-Founder, PerkUp



  • Proving that PerkUp’s platform could be trusted with prospect employee data to increase sales.
  • Filling out security questionnaires was slowing down the sales process.
  • Difficult to charge premium prices without a SOC 2 report.


Secureframe supported PerkUp with: 

  • Everything they needed to get SOC 2 compliant within the platform.
  • A UI/UX that made going through the readiness process easy.
  • A recommended auditor that made the audit process very seamless.


  • Peace of mind that they are continually compliant with Secureframe monitoring their systems.
  • Reduced the security portion of the sales cycle from a couple of weeks to a day or two.
  • The CEO and CTO save 2-3 hours per deal.


PerkUp initially started selling to startups and didn’t need a SOC 2 report. However, as they started targeting larger companies both in and outside of the United States, 9 out of 10 potential customers were asking for a SOC 2 report or requiring PerkUp to fill out a security questionnaire.

PerkUp was founded to help employers manage sending items out to their employees. This could be anything from merchandise to monetary awards and gift cards. Initially, they sold to small startups that had one or two decision makers and didn’t require a SOC 2 report.

However, larger companies started bringing in more decision makers, like Finance for pricing and IT for technical security questions. Without a SOC 2 report, PerkUp’s team found the process of filling out security questionnaires painful and time-intensive, adding several weeks to their sales cycles. It also impacted their deals in other ways.


“We were losing trust,” says Mirmotahari. “Not having a SOC 2 report was slowing down the sales process and it was preventing us from pricing our product higher.”


Secureframe’s platform, including its streamlined UI/UX, integrations to the most popular systems, and recommended audit partners, made the entire SOC 2 process easy.

From the very beginning, Mirmotahari was impressed with the Secureframe team’s approach to onboarding. While internal work delayed the start of the SOC 2 process for PerkUp, the Secureframe customer success team continued to send reminders and pushed materials to keep them on track in a friendly manner.


“The Secureframe team really eased me into it. Once we actually started the process, it was really fast. The platform was intuitive and fun once we got into it.”

After going through the initial onboarding checklist, Mirmotahari logged into the Secureframe platform, reviewed the dashboard, and saw that many of the required steps were already done. He found that Secureframe provided all of the features and documents needed to get through the SOC 2 process right in the platform.

Overall, Mirmotahari found the SOC 2 readiness process was much more streamlined than he had expected. While the process took several months from beginning to end, most of the actual readiness work was done over the course of three weeks. After the audit, it took just a couple of weeks to receive the report.


“The process was so seamless with SOC 2,” said Mirmotahari. “It felt much more daunting before we started, but now that we’ve gone through it with Secureframe, it’s much easier than it seemed. That’s why we’re moving forward with Secureframe for GDPR.”

Not only that, Mirmotahari was pleased to discover that signing up with one of Secureframe’s recommended auditors made the audit itself much smoother.


“Rather than going out and trying to find an auditor, we used a recommended auditor and it was such a breeze. The clockwork between the auditor and Secureframe platform was amazing.”


After getting their finalized SOC 2 report, PerkUp has seen the security portion of their sales cycle drop from 2 to 3 weeks down to a day or two. The CEO and CTO now also have peace of mind in their product’s security and customer data protection measures.

Just two days after receiving their SOC 2 report, PerkUp sent it out to a prospect, which they quickly approved the very same day. This was a big difference from their previous experiences when not having a SOC 2 meant prospects would come back with lengthy security questionnaires.


“That process to get through a security questionnaire would typically take 2-3 weeks. Each time it would take me and my CTO 2-3 hours per deal to complete. And these are all deals that are very material for our business.”

Another area that the report helped with was building trust with customers. Having the SOC 2 report builds instant credibility with prospects and it’s easier to get buy-in from internal stakeholders.

And for Mirmotahari and his CTO, having Secureframe integrated into their systems and continually monitoring their compliance posture ensures they don’t have to worry about that part of their business.


“One thing that really stands out is the peace of mind we have. Knowing that the Secureframe Agent is there monitoring employee devices and their integrations are hooked into GCP and Github, it feels like Secureframe has our back.”