“With Secureframe, it’s all automated,” says Kuzmin. “Most of our vendors were already integrated with Secureframe, which made it easy to move quickly. These automated integrations are one of the most compelling features of the Secureframe platform.”
For Troops, Secureframe also protected against human error that could have hurt their compliance.
“It’s about being prepared,” Kuzmin says. “Imagine in your infrastructure you’ve encrypted every bucket, every snapshot, every volume. But then a new DevOps engineer is working, creating new stuff, and they forget to encrypt a bucket. With Secureframe’s tracking system, you would be alerted that these new items weren’t encrypted. Then it’s only a matter of jumping in from my side to fix them.”
As Troops moved into SOC 2 Type II, Secureframe also provided a way to showcase their progress to companies in the pipeline.
“We were in the negotiation phase with a prospect when we were under Type I, and we needed to show them the progress bar with our ongoing efforts toward the next level of compliance. We told them, ‘We’re not SOC 2 Type II yet, but we’re preparing and able to show the exact percentage of items that are already completed.’ It was very useful.”