Vanta automates security compliance.
Please enter your first name
Please enter your last name
Please enter a valid email address
Please enter a job title
Please enter your company name
Please enter your company website
Thank you! Your submission has been received!
Oops! Something went wrong while submitting the form.
🎉
Try Vanta free for a week. See the difference.
Learn more >
CASE STUDY

How Stormboard leverages Vanta to generate revenue and stay compliant

COMPANY
Stormboard
EMPLOYEES
101-250
LOCATION
Edmonton, Alberta, Canada
SOLUTION
SOC 2, GDPR
INDUSTRY
SaaS
YEARS ON VANTA
1+
Confidence and trust

Compliance and security are critical to Stormboard’s competitive advantage. Their compliance partner needs to offer a superior product backed by a proven reputation.

Time saved

Stormboard is a fast-growing company supported by small, high-performing teams. To stay laser-focused on business development, they need a solution that saves them as much time as possible.

Continuous monitoring automation

Stormboard needs a modern platform to efficiently and continuously safeguard its business at all times.

“When we did SOC 2 Type I ourselves it took months. When we used Vanta to get our SOC 2 Type II, it took days.”

Michael Bollman
Cofounder, CTO, CSO
The company

Remote collaboration done right 

Stormboard is a leading provider of visual collaboration and digital workspace solutions. Stormboard enables businesses to remotely hold meetings, design projects, and get work done every day no matter where they are located. 

Stormboard is an international organization that does business with startups and enterprises across 181 countries. Because Stormboard’s SaaS product is designed for telecommunication, data organization and security are integral components of the business. Their virtual whiteboard app has the option to export content to the cloud—a valuable feature that requires responsible data management. 

Michael Bollman, Cofounder, CTO, and CSO, says that Stormboard is a security-first company that puts compliance high on the business’s list of priorities. Much of Stormboard’s competitive advantage is based in part by the way the company thinks about security. “Our big enterprise clients love the way we can host their own dedicated servers anywhere in the world,” Michael says. 

The challenge

Unlocking new revenue streams

Stormboard experienced a significant surge of growth in 2020. In order to do business with many of the prospective customers inquiring about their product, especially at the enterprise level, Stormboard needed to prove their security standards with SOC 2 compliance. “To do business with large enterprises, SOC 2 was table stakes,” Michael says. 

After earning SOC 2 Type I on their own—“the hard way,” according to  Michael—Stormboard wanted to take a more efficient approach to meet SOC 2 Type II requirements. The internal DIY approach to Type I was “solid work,” Michael says. “It took me four months to write the policies, find templates, and figure out how to automate controls. It was challenging.”

For a company experiencing a new stage of growth, it was critical for Michael and his teams to dedicate all their energy to unlocking revenue, not maintaining compliance. “As a CTO and founder, I need time back,” Michael says. For the next phase of Stormboard’s security and compliance program Michael required an external solution. 

The solution

Choosing a proven compliance partner

When it came time to pursue SOC 2 Type II, Michael began searching for the right compliance partner. “I spent a fair bit of time learning what Vanta was going to do for me, and at that point, it was a no-brainer.” 

Creating policies, evidence collection, offboarding templates, and continuous monitoring are the primary use cases for Stormboard. Vanta’s automation platform greatly reduced the time commitment required Michael to ensure Stormboard was continuously secure and compliant. “When we did SOC 2 Type I ourselves it took months. When we used Vanta to get our SOC 2 Type II, it took days.”

After partnering with Vanta to earn their SOC 2 Type II, GDPR was the next goal on Stormboard’s list of compliance goals. Many of Stormboard’s customers are located in the EU, making GDPR another compliance necessity. “The nice thing about SOC 2,”  Michael says, “is that you have a lot of the building blocks for GDPR. The Vanta platform continually monitored our progress.” 

The impact

Security confidence and efficiency 

Now that Stormboard complies with GDPR and SOC 2 Type II through Vanta, Michael and his teams are able to scale the business more efficiently and with confidence. “Our customers are giving us control of intellectual property—it’s sensitive data,” says Michael.

As Stormboard’s products and workflows change over time, Vanta is able to iterate and adapt to their needs. In particular, Vanta’s ability to integrate with Stormboard’s cloud tech stack has become a core element. At the enterprise level, these kinds of integrations demand reputable compliance protocols. “Security is important to us,” Michael says. “It helps me sleep at night knowing our systems are secure, monitored, and audited.”

{{quote-2}} “I don’t think we would have been able to get SOC 2 Type II properly without a tool like Vanta. That would have been my only job.”

What’s a Rich Text element?

The rich text element allows you to create and format headings, paragraphs, blockquotes, images, and video all in one place instead of having to add and format them individually. Just double-click and easily create content.

Static and dynamic content editing

A rich text element can be used with static or dynamic content. For static content, just drop it into any page and begin editing. For dynamic content, add a rich text field to any collection and then connect a rich text element to that field in the settings panel. Voila!

How to customize formatting for each rich text

Headings, paragraphs, blockquotes, figures, images, and figure captions can all be styled after a class is added to the rich text element using the "When inside of" nested selector system.

“I don’t think we would have been able to get SOC 2 Type II properly without a tool like Vanta. That would have been my only job.”

Michael Bollman
Cofounder, CTO, CSO

Michael Bollman
Cofounder, CTO, CSO

Subscribe to our newsletter

Want to stay up-to-date on all things security and compliance? Subscribe to Vanta's newsletter for the latest on compliance standards, data security, and Vanta insights.

Everything you need to get compliance audit ready, fast.