CASE STUDY
ÉTUDE DE CAS
Clozd drives efficiency and business growth with Vanta
By partnering with Vanta for SOC 2 automation, Clozd saved two quarters worth of work and achieved compliance in 6 months.
Vanta’s 300+ integrations enable Clozd to maintain holistic compliance with minimal effort, allowing the team to focus on driving customer value.
Clozd utilizes Trust Center externally to proactively demonstrate trust and accelerate new deals.
“If we’re able to spend our time focusing on value delivery for our customers, that to me is success when it comes to a good security program and the value that Vanta provides.”
The company
World-class technology and services for win-loss analysis
Clozd, headquartered in Utah, is a software and services organization specializing in win-loss analysis, helping customers understand why they win or lose sales opportunities to drive strategic improvements and enhance sales performance. Founded in 2017, the company works with customers of all sizes – from large businesses like Stripe and Workday to startups and small businesses.
Clozd goes beyond typical market research by going directly to buyers to understand why they chose to purchase (or not to purchase). By using unbiased feedback directly from buyer interviews, Clozd helps teams understand the decision drivers that have the largest impact on sales outcomes, so teams can make more informed strategic decisions. Clozd has continued to expand its capabilities and recently partnered with Gong to further integrate customer interaction data into the Clozd platform.
Daryl Pinkal, CTO at Clozd, came to Clozd in 2020 to lead engineering, product management, DevOps, and infosec. As Clozd grew, the team began receiving more questions about their security posture and it became clear that attaining a SOC 2 or ISO 27001 would be critical to Clozd’s growth and expansion.
The challenge
Achieving compliance while continuing to drive new customer value
Around a year after joining Clozd, it became clear to Daryl that Clozd would need to invest in compliance frameworks to support company growth. There was increasing demand for more information about Clozd’s security posture, but there weren’t enough resources to achieve compliance standards like SOC 2 or ISO 27001 while also handling a growing number of security reviews and demands of a growing business.
As Daryl explored compliance options for Clozd, he knew from previous experience that the manual way wouldn’t work. Having achieved FedRamp compliance at his past company, Daryl experienced first-hand the pain of completing audits and evidence collection manually. In the old world, achieving compliance meant devoting time to large group meetings with inefficient workflows that distracted focus from driving new customer value. “We went into business to build great products for customers,” Daryl says. “So it was super frustrating for us to go through all of these different controls necessary for compliance, and still feel like we were being productive and focused on the right needs for our customers and the business.”
Daryl prioritized finding a partner that could automate compliance with minimal effort and transform Clozd’s approach to security from a point-in-time check into a real-time system with continuous monitoring and alerting. The need for a solution that enabled Clozd to be proactive in achieving and maintaining security posture — all without scaling the size of his internal team — meant Daryl had to find a unique partner.
{{quote-2}}
The solution
Holistic risk visibility that goes beyond point-in-time compliance
In his search for a security and compliance partner, Daryl found Vanta was the only offering that satisfied his requirements for an automated compliance solution. Once Daryl made the decision to partner with Vanta, Clozd quickly realized value, achieving their SOC 2 report with the help of a Vanta partner auditor within 6 months.
Beyond achieving compliance quickly, Daryl also saw massive time savings for his team, “Between all of the policy documents that we were able to accelerate with the templates in Vanta, to just having the checklist that managed the to-dos and action items across the organization, we’re saving two full quarters worth of work.
By integrating their infrastructure with Vanta, Daryl has a real-time view of Clozd’s security posture, which helps him go beyond acquiring a point-in-time compliance attestation. Daryl believes that maintaining compliance is key to his organization's success and finds value in Vanta’s automated alerts, “It’s almost like having an [internal] auditor full-time on the team, just constantly auditing our business, and that’s super helpful for us.” This has allowed Daryl and his team to save time on manual tasks and streamline their processes, enabling them to focus on building new products and driving customer value.
Vanta’s Trust Management Platform and commitment to continuous security monitoring has enabled Clozd to make security a company-wide effort and influence Clozd’s culture. With Vanta, Daryl has been able to seamlessly involve cross-functional teams, like finance, to help ensure Clozd remediates any issues in a timely manner and maintains its security posture.
The impact
Maintaining compliance and driving new growth with trust
Daryl’s approach to proactive security means he will continue to focus on maintaining SOC 2 and ISO 27001 accreditations as his organization scales. He also plans to continue prioritizing rapid SLAs on security reviews, further expediting deal cycles.
Finally, Daryl is eager to increase utilization of Clozd’s Trust Center as a way to demonstrate trust externally and directly influence growth. “By giving our customers access to everything we’re doing, we build trust with our customers that [security] is top of mind, that it’s a priority for us and something we’re investing in.” By pushing compliance up the funnel and directly into sales conversations, Daryl is making Clozd’s proactive approach to security a point of confidence for prospective customers.
{{quote-3}}
