Overview
Voxel is a dynamic SaaS company with a sharp focus on enterprise clients. Their customers leverage cutting-edge computer vision and AI technology to automate risk management and provide comprehensive reporting by enabling security cameras to automatically identify hazards and high-risk activities in real time.
Service Provided
- SOC 2
Challenge
Voxel had a clear need to accelerate enterprise trust-building and uncap their growth. They first approached Sensiba as a fast-growing company seeking to confirm their systems were secure as they grew. In addition, they wanted a surefire way to demonstrate this to their larger customers to build trust and reduce time spent getting through vendor screening questionnaires.
In going to market to secure deals with larger customers, Voxel soon found themselves in what felt like the security and compliance version of Groundhog Day. Continually stuck in the arduous process of providing information through security questionnaires that seemed to repeat themselves over and over again, the Sales and Engineering teams soon found themselves spending between 10 to 15 hours on each of these efforts.
Knowing there had to be a better way, the Voxel team explored how they could get total control over their entire compliance landscape in a way that allowed them to automate compliance and easily provide a summary of their security posture to customers.
“When you do audits all at once, you have hours to a few days to provide the evidence because there is a time crunch. I think spreading it out makes it feel like less of a burden for us.”
Kacie ArmbrustDirector of Finance, Voxel
Solution
To supercharge their two-person compliance team to do the work of many, Voxel decided to join forces with a compliance automation platform to help them along this journey. Out of all the compliance platforms currently available, they chose to partner with Drata due to an intuitive and interactive set up that makes obtaining and maintaining security compliance easy.
Once onboarded with Drata, Voxel began their search for an audit partner to assess their controls against the SOC 2 standard. After interviewing a few different companies, their quest for a SOC 2 auditor led them to Sensiba, who they felt were the only firm to truly understand them and their processes, as a cloud native, SaaS-first company.
Kacie described their onboarding process with Sensiba as ‘quick and easy’ noting that combined with Drata, it was an intuitive, fail-safe approach, using the pre-existing systems set up between the two companies.
Result
After embarking on their journey, they were pleasantly surprised at the reduced volume of manual evidence upload needed due to the synergies created between Sensiba and Drata.
Evidence of Voxel’s controls in Drata were leveraged by Sensiba’s auditors, which drastically reduced the amount of time needed for the audit; allowing Voxel to complete their SOC 2 Type 1 report within a month.
Once this was achieved, Voxel were now able to showcase all of their compliance and key security information in Drata’s Trust Center. This feature puts Voxel in full control of what’s shared and accessible to different types of users.
Drata’s Trust Center streamlines the process of security reviews for partners and empowers sales teams with self- serve answers to questionnaires, allowing more deals to be secured faster.
They went from needing five different team members’ input to complete these questionnaires, down to one; who now had the power to provide all of these self-serveanswers at the click of a button. The flow-on effect from this was huge and Voxel was able to rapidly accelerate their sales cycle from months to weeks.
Enjoying the benefits of their SOC 2 Type 1 achievement, Voxel found moving into their SOC 2 Type 2 audit to be just as seamless. With Sensiba’s Continuous Audit Program, the number of controls reviewed across an audit period are broken down into smaller groups or categories, that are then worked on in a logical order month by month.
Completing a SOC 2 Type 2 audit this way drastically reduces the burden that is often felt by companies undergoing this kind of audit, due to the seemingly overwhelming number of controls to cover. By having a small sub-set of controls to work on each month, the workload is spread out into bite-sized chunks, minimizing business disruption.
Reflecting on the experience, Kacie said: “When you do audits all at once, you have hours to a few days to provide the evidence because there is a time crunch. I think spreading it out makes it feel like less of a burden for us.”
Ready to get started?
Find out how our GRC team can help you with your compliance. Contact us to learn more about how we can work together toward your goals.
Case Studies
Ready for more inspiration? Dive into additional client success stories where we showcase diverse projects, innovative solutions, and the transformative impact we’ve had on businesses like yours.
