Roadie, a developer portal startup, had essential security practices in place, but they needed to formalize their process to achieve SOC 2 compliance. Orla Tuite, Roadie’s Chief of Staff, says this was critical for the startup to close new customers.
“As part of the sales process, customers ask us to demonstrate compliance,” says Tuite. “While we always practiced strong security, we needed to standardize existing processes, run an audit, and ultimately provide evidence-based SOC 2. That would speed up the sales process.”
Tuite had led SOC 2 Type I and Type II compliance at a previous company and wasn’t satisfied with that experience.
“We did this with one of the big four firms, and it was painful. Their processes were outdated. It took forever – a year and a half. They didn't have any awareness of how a startup works differently from a very large company.”
She knew that it wouldn’t make sense to have Roadie’s team of engineers supporting a protracted compliance process, so she began researching different compliance solutions.
“Because of the size of our team and our early stage, it was obvious that an automated platform was the way to go. I looked at all of them, and Secureframe completely stood out. Their team’s attitude was outstanding – they clearly had expertise and they were willing to answer a lot of questions to make sure that we were very comfortable with the process.”