How Wealth.com Built Trust with Customers and Increased Team Productivity with Secureframe’s SOC 2 Compliance Solution
Wealth is on a mission to modernize estate planning. The most comprehensive digital estate planning platform available, Wealth combines a holistic view of all your assets, visualized and securely stored in one place with machine-learning backed recommendation technology that helps ensure plans reflect your current life circumstances and most up-to-date wishes.
"When I started trying the Secureframe platform, I saw how easy it was to use and how easy it would be to have a central location where we would keep all policies and documents. Secureframe would take care of pulling evidence from our cloud environment, authentication, and HR systems. Before Secureframe, our compliance team had to obtain evidence manually from each third party system."Jair Basso, VP of Security, Wealth.com
- Wealth’s financial customers have very strong privacy requirements.
- SOC 2 compliance is table-stakes in estate planning.
- Small startup team needed an easy, automated solution.
Secureframe provided Wealth with:
- Automated processes for pulling data, requiring low lift from Wealth.
- Easy integrations with existing third-party vendors.
- A one-stop-shop for security policies and vendor information.
- Significantly reduced time to SOC 2 compliance.
- Increased productivity for the security team.
- Easier security process and policy onboarding for new employees.
- Happier sales team with strong security and privacy selling points.
Security compliance was critical for Wealth to build trust among its large B2B customers, but the team needed a solution that would do the heavy lifting for them and provide a seamless journey to SOC 2 compliance
As an estate planning platform, Wealth handles sensitive customer data and often works directly with financial institutions that take privacy seriously.
“The first question we get is, ‘How do you protect our data? How do you protect our customer’s data?’” says Jair Basso, VP of Security. “When you're talking to bigger companies with complex security requirements and trying to win their business, being able to show you are following industry-leading security best practices and procedures is very important. Which is what the SOC 2 Type II report ensures.”
For the Wealth team, this meant SOC 2 compliance was a top priority, as a way to show prospective customers and the market that it was committed to security.
From past experience, Basso knew that it would require many hours of manual work from his team to achieve SOC 2 compliance without external support.
"Wealth.com is a new startup and we understand how crucial following security best practices from day one is - which creates a lot of manual effort unless you have credible partners like Secureframe that support streamlining the process,” Basso says.
To save the team time and put the best foot forward with customers, he knew they had to find the right partner to drive the process.
Secureframe’s automated processes, easy integrations, and one-stop-shop for security policy fit Wealth’s needs for a provider who could get them to SOC 2 compliance quickly
While researching compliance software, Basso came across Secureframe, whose team offered to do a demo and provide access to the platform on a trial basis.
“I saw how easy it was to use Secureframe,” says Basso, “and how easy it would be to have a central location where we would keep all the policies and documents. Secureframe would take care of pulling evidence from our cloud environment…and that would make my life easier.”
Ultimately, it was Secureframe’s expertise and excellent customer service that closed the deal. Basso felt he had a direct connection with the team, and all of his questions were answered right away.
Even better, Secureframe’s feature set solved many of his team’s initial challenges:
- Automating tasks. Secureframe automatically pulls information from the systems Basso uses to automate compliance tasks. And it does this behind the scenes.
- Easy integrations. Secureframe offers integrations with all of the systems that Wealth uses for data storage, making the information-gathering phase a breeze.
- Better policy training. With security policies in one place, Basso can invite employees for policy review, sign-off, and training. It’s now even part of Wealth’s onboarding flow.
- One-stop shop for vendor details. Basso can see all of Wealth’s third-party vendors and the types of data they host on Secureframe’s customer dashboard.
With Secureframe, Wealth achieved SOC 2 compliance in just over six months, reducing strain on the team and boosting their trust with customers and the likelihood of closed deals
“In my previous job, we would get auditors in our office for one or two days, and we would sit with them, showing evidence, answering questions—an old-school methodology,” says Basso. “With Secureframe, we just gave the auditors access to the platform, and they automatically got access to all the evidence. It was really, really smooth.”
Not only did Secureframe lessen the workload for Basso’s team, it allowed Wealth’s marketing team to more tangibly demonstrate to prospective members how secure their platform is.
“We’re the only digital estate planning platform with SOC 2 Type II compliance, which is not an easy bar to clear and a really helpful proof-point for marketing” says Lucas Miller, Content Director. “Being able to talk about the audit process and the other validation we have for security is critical for sales and marketing.”
To maintain compliance going forward, Basso feels confident about choosing Secureframe as an ongoing partner.
“It worked well for us, and I believe it will work for other companies too,” Basso says. “We plan to stick with Secureframe, definitely.”