Refyne is Asia's largest financial wellness suite, offering employees access to funds, learning material on improving personal finance, and tools for planning long-term financial health.
“We closed several deals just because of the quick turnaround time with Secureframe. This tool has been immensely helpful for me. The speed at which we got compliant was phenomenal, with amazing support that helped us out no matter what. The ROI is amazing.”
Vineet Mishra, Head of Information Security and Privacy at Refyne
Jump To
Refyne is the second-largest earned wage access provider in the world. Their product is powered on connections with other platforms, giving them access to sensitive data. This makes data security and privacy a top priority for the company.
“We have to make sure that we have top notch security and privacy standards,” says Vineet Mishra, Head of Information Security and Privacy. “It became increasingly difficult for us to constantly show our security posture.”
Without a strong security posture, the team couldn’t close as many deals. They knew they needed a SOC 2 report to satisfy customers and prospects, but it became increasingly cumbersome to handle on their own. They needed a clear roadmap to achieving multi-framework compliance quickly.
The team at Refyne evaluated multiple compliance automation vendors, but ultimately decided on Secureframe.
Mishra initially chose Secureframe because it offered a complete approach to security and privacy.
“The comprehensive controls library has been absolutely amazing, because SOC 2 was something I had never done before. It made me feel super prepared,” he says. “It helps me understand in real-time what things are failing and where I need to take action. It is really helpful that Secureframe tells you what the issue is, what the requirement entails, and how to fix it.”
Integrations with existing infrastructure like AWS made it easy to get started. But it was the ability for Refyne to customize their controls to exactly what they needed that made Secureframe stand out.
India's Digital Personal Data Protection Act (DPDP Act) came into effect in August 2023. While it’s not as well-known as its counterparts in Europe (GDPR) and the U.S. (CCPA), their business needed to make sure they were compliant right away.
“Secureframe allowed us to create our own controls to monitor, [in addition to] the ready-made connectors that I can just plug and play,” says Mishra.
Secureframe’s easy-to-use interface made onboarding seamless.
“The reason why we managed to get our SOC 2 report so quickly was because the onboarding was pretty quick, and all the necessary resources were at hand for us to just start," he says. "The support from Secureframe has been absolutely fantastic. We are in very different time zones, almost 12 hours apart, and the team has been available for us. That’s the kind of support you look for when you plan for a long term partnership.”
“I have been in this sector close to nine years now, and I have seen that companies take anywhere from six months to a year to get a SOC 2 report. We got it in three months with Secureframe,” says Mishra.
“I was very anxious, and the Secureframe team gave us some really good feedback so we were better prepared,” he says. “When the audit finally happened, it went smoothly. There were just two calls with the auditor, Zeroday. There was no requirement to submit additional evidence because we were so well prepared.”
“Secureframe had a great indirect impact on our business. We closed several deals just because of the quick turnaround time with Secureframe. We also managed to crack the public sector, with several state governments comfortable with our security,” he says.
Not only did they close more deals, but they’ve also saved money as an organization by using an automated, continuous model instead of an expensive consulting engagement or in-house staff.
“We ended up actually saving money because of the nature of the tool. This was a big return on investment for us.” He adds, “This tool has been immensely helpful for me. The speed at which we got compliant was phenomenal, with amazing support that helped us out no matter what. The ROI is amazing.”
