February 29, 2024

5 ways Vanta customers saved time and money automating their SOC 2

Written by
Jess Munday
Sr. Content Marketing Manager

SOC 2 is a popular compliance framework used to evaluate and validate an organization’s information security practices. By getting a SOC 2 report, you’ll be able to develop a trusting relationship with your customers, unlock new revenue opportunities, and build a strong security posture. 

The process of getting your SOC 2 often takes significant time, effort, and resources. The average SOC 2 process takes between six months and a year from the moment you start preparing the controls to when you have a completed SOC 2 report in hand. Vanta helps speed that process up by offering automation at every stage of your SOC 2 journey, from preparing your controls to collecting evidence, creating policies, and more.

With the help of automation, you get so much more than just your final SOC 2 report. In this blog, we’re highlighting five Vanta customers who accelerated their SOC 2 process and the wins they’ve seen as a result. 

#1 Newfront saves over six figures with Vanta

Newfront is an insurance brokerage based out of San Francisco that connects businesses with different lines of coverage. The company wanted to move upmarket and the team knew they needed to build deeper trust with enterprise clients. The team committed to getting a SOC 2 Type II report, in addition to other frameworks, to demonstrate its strong security to customers and win more deals.

“When I talked to the team at Vanta, I began to understand that this was a trust management platform and saw how beneficial it would be if we could use it on our journey.”

- Danny Macias, VP of IT & Enterprise Security at Newfront

By integrating their infrastructure with Vanta to complete their audit, Danny and his team saved a massive amount of time and received their SOC 2 Type II report in just 10 months. Danny says this would have taken two years and cost much more if they had done it manually. “We estimate that Vanta has saved us well over six figures,” said Danny.

#2 Josef saves hours on security reviews

Josef is a no-code platform that empowers lawyers and legal professionals to automate their legal tasks. The company was in a hyper-growth cycle, which led to an influx of security questionnaires from prospects and customers who needed to better understand Josef’s security posture. These questionnaires slowed the business down, as it took the sales and legal teams significant time and effort to fill them out.

“Having industry-recognized certification enables us to build trust and make the deal that little bit easier to close.”

- Prue Burns, Head of Legal & Data Security at Josef

The team quickly identified that SOC 2 and ISO 27001 were the two standards that met most of their customers’ needs. Within four months of purchasing Vanta, Josef got its SOC 2 Type 1, and in another four months, got its SOC 2 Type 2. With a completed SOC 2, Josef reduced the number of security questionnaires it received, allowing the team to focus more time on market expansion.

#3 Chili Piper put its annual audits on autopilot 

Chili Piper was founded in 2016 with the mission of making it easier for SDRs to hand off qualified prospects to AEs and offers an inbound conversion platform designed to make this handoff seamless. As one of the first few technical leadership hires at the company, Scott Haney took on security and compliance responsibilities in addition to supporting Chili Piper’s sales, customer success, and marketing teams with their operational needs. 

On top of that, Chili Piper’s original compliance partner made the audit process very manual, tedious, and boring, according to Scott. He knew that for Chili Piper to meet its growth goals, the team would have to simplify their annual compliance process.

By switching to Vanta, Chili Piper’s team regained 80% of their time, which was originally spent on meetings between Scott, the engineering team, and their auditors. They quickly saw their return on investment with Vanta’s automated evidence collection. Chili Piper achieved its SOC 2 Type II attestation in less than half the time it took to get its SOC 2 Type I attestation with their previous partner.

“Vanta saved us from having to hire someone full-time or pay consultants to help us maintain compliance. From an ROI perspective, Vanta helped us save roughly in the low to mid-six figures yearly.”

- Scott Haney, Director of Revenue Operations at Chili Piper

#4 Tailor gets SOC 2 in less than three months

Tailor is a Tokyo-based startup offering a highly customizable headless enterprise resource planning (ERP) tool that helps companies take care of everything from “order to cash.” The Tailor team was looking to expand into the US market and secure deals with enterprise clients. In conversations with these prospects, many potential clients were already asking to see Tailor’s SOC 2 report.

"Security is extremely important to enterprise customers and we knew SOC 2 was table stakes for selling into enterprises."

- Yo Shibata, CEO of Tailor

The Tailor team decided on Vanta due to the platform’s powerful automation and integration capabilities, which made Vanta fit nicely into the existing tech stack. In just under three months, Tailor attained its SOC 2 and with it, the team had the credibility they needed to confidently sell to enterprise customers.

#5 Rakkar Digital cuts SOC 2 timeline in half

Rakkar Digital is a crypto custody service founded in Singapore that provides secure storage solutions for digital assets like cryptocurrency, stablecoins, and tokenized assets. In the wake of the 2022 crypto market downturn, the company needed to curb fears and demonstrate its commitment to security and compliance, which led them to need a SOC 2.

“Being SOC 2 compliant will help clients realize that custodians will mitigate the risk involved with their daily operations.”

- Thomas Kung, CISO at Rakkar Digital

With Vanta’s out-of-the-box integrations and the help of our implementation team, Rakkar Digital started making progress toward their SOC 2 with an expedited timeline. The team originally expected that it would take one year to get a SOC 2 report and that timeline was cut down to just six months. This was in large part due to Vanta's inventory of automated security practices, such as running tests and automated evidence gathering. 

Once Rakkar Digital’s evidence was in and the controls were in place, the audit process began. Thomas expected the audit to take between four and six weeks, but because Rakkar Digital partnered with one of Vanta’s partner auditors through the Seamless Audit program, the SOC 2 audit only took two weeks. Now Rakkar Digital’s SOC 2 is helping the company gain an advantage over its competitors.

Want to see how Vanta can help you automate your SOC 2 process? Watch our Vanta in Action on-demand webinar to see how Vanta can automate up to 90% of the work needed to attain a SOC 2.
