Roadie Shaved More Than a Year Off Their Compliance Journey with Secureframe, Speeding Up their Sales Cycle and Decreasing Prospect Churn

customer_logo

Roadie is a fully hosted and managed version of Spotify’s Backstage, managing deployments and security to help engineers get the best out of Backstage. Learn more at roadie.io.

customer_testimonial
quote

“Because of the size of our team and our early stage, it was obvious that an automated platform was the way to go. I looked at all of them, and Secureframe completely stood out. Their team’s attitude was outstanding – they clearly had expertise and they were willing to answer a lot of questions to make sure that we were very comfortable with the process.”

Orla Tuite, Chief of Staff, Roadie

Highlights

Challenges

  • Customer base required compliance to close deals.
  • Roadie’s lean staff needed an automated compliance solution. 
  • Bridging the knowledge gap between compliance and engineering was difficult.

Solutions

Secureframe supported Roadie with: 

  • Engaging monitoring interface that motivated engineers.
  • Easy AWS integration that made auditing “click and play.” 
  • Seamless onboarding and customer support across time zones.

Results

  • Achieved SOC 2 Type II compliance a year earlier than expected. 
  • Decreased pipeline churn and accelerated the sales cycle. 
  • Deep engineer engagement and ownership on security practices.

Challenges

Roadie’s lean team understood the importance of SOC 2 compliance, but they needed a low-lift solution that would reduce their workload while providing evidence-based compliance to increase customer confidence

Roadie, a developer portal startup, had essential security practices in place, but they needed to formalize their process to achieve SOC 2 compliance. Orla Tuite, Roadie’s Chief of Staff, says this was critical for the startup to close new customers.

quote-icon

“As part of the sales process, customers ask us to demonstrate compliance,” says Tuite. “While we always practiced strong security, we needed to standardize existing processes, run an audit, and ultimately provide evidence-based SOC 2. That would speed up the sales process.”

Tuite had led SOC 2 Type I and Type II compliance at a previous company and wasn’t satisfied with that experience.

quote-icon

“We did this with one of the big four firms, and it was painful. Their processes were outdated. It took forever – a year and a half. They didn't have any awareness of how a startup works differently from a very large company.”

She knew that it wouldn’t make sense to have Roadie’s team of engineers supporting a protracted compliance process, so she began researching different compliance solutions.

quote-icon

“Because of the size of our team and our early stage, it was obvious that an automated platform was the way to go. I looked at all of them, and Secureframe completely stood out. Their team’s attitude was outstanding – they clearly had expertise and they were willing to answer a lot of questions to make sure that we were very comfortable with the process.”

Solutions

With Secureframe, Roadie found strong onboarding and customer support despite the time zone difference – and the easy AWS integration made for a fast SOC 2 Type II journey

During onboarding with Secureframe, Tuite quickly felt set up for success.

quote-icon

“There was reference material for everything that we needed, and their team preempted a lot of questions. It made you feel like there was a structure. It was clear they had done this before.”

Because Roadie is based in Europe, Tuite had some concerns that customer service and cross-team communication might be rocky, but those were quickly put to rest.

quote-icon

“Every time we asked a question we came into an answer the next day, and that allowed us to be totally unblocked and do the work, as opposed to waiting around,” says Tuite. “I genuinely appreciate that level of expert support.”

On the tech side, Roadie found that Secureframe worked easily with their AWS setup.

quote-icon

“All of our security practices and auto practices are done in AWS, and Secureframe works really well for that. The audit trail logs they require match up with what we were already doing in AWS. A lot of it was just click and play.”

Roadie utilized much of the Secureframe feature set, including:

  • The audit checklist: Tuite says the green checks for each asset gamified the process for engineers. “They see them start as red and they want to turn them all green.” 
  • Security training: Secureframe helped cement Roadie’s onboarding process, providing structure for new employees on security processes and training.  
  • Asset inventory: “You can see the devices, the policies on the devices, and whether each engineer has done the security training and accepted the policies.”

Results

By using Secureframe, Roadie saved a year on SOC 2 compliance, accelerating the sales cycle and deeply engaging its engineers

quote-icon

“It has, for sure, shortened the sales cycle and reduced the overall lift on the team,” says Tuite. “Based on my past experience, Secureframe itself has sped up the process of getting the audit done by at least a year and four months.”

In addition to time saved, her team now has much stronger knowledge on compliance.

quote-icon

“It has spread compliance awareness throughout the engineering team,” she says. “It allowed the engineers to get on board with compliance and to be part of it.”

Compliance language is complicated, Tuite explains. Translation is often required between compliance and engineering lingo for full understanding.

quote-icon

“Secureframe clears that hurdle for you,” she says. “It brings compliance into the engineering mindset and into their hands. It makes it part of their work and something that they can be proud of and be involved in, which is something I've never seen before. In addition to time saved and being able to speed up the sales cycle, having that sense of ownership among the engineers is just incredible.”

Roadie plans to continue using Secureframe to maintain their SOC 2 compliance.

quote-icon

“There’s literally no reason why you wouldn't go with Secureframe. We just signed our renewal. We're here for another year.”