voxel-logo-white-tag
quote icon

"When you do audits all at once, you have hours to a few days to provide the evidence because there is a time crunch. I think spreading it out makes it feel like less of a burden for us."

kacie-armbrust
CASE STUDY
voxel-logo-white-tag
Voxel establishes SOC 2 compliance through AssuranceLab’s Drata Starter x Continuous Audit Program and boosts sales efficiency

Voxel, a technology-driven SaaS company, leveraged AssuranceLab’s Drata Starter x Continuous Audit Program to achieve their initial compliance outcome in 1 month. 

By becoming SOC 2 compliant and establishing trust with their large enterprise customers, they were able to noticeably accelerate their sales cycle from months to weeks; all while leveraging fewer resources dedicated to their compliance initiative.

CLIENT INTRODUCTION
Voxel: a cutting-edge computer vision and AI company with a big future

Voxel is a dynamic SaaS company with a sharp focus on enterprise clients. Their customers leverage cutting-edge computer vision and AI technology to automate risk management and provide comprehensive reporting by enabling security cameras to automatically identify hazards and high-risk activities in real-time. Realising the growing need for SOC 2 compliance, Voxel’s Chief Technology Officer, Anurag Kanungo, played a pivotal role in orchestrating their compliance journey with AssuranceLab.

PROBLEM
A clear need to accelerate enterprise trust-building and uncap their growth

Voxel first approached AssuranceLab as a fast-growing company seeking to confirm their systems were secure as they grew. In addition, they wanted a surefire way to demonstrate this to their larger customers to build trust and reduce time spent getting through vendor screening questionnaires.

In going to market to secure deals with larger customers, Voxel soon found themselves in what felt like the security and compliance version of Groundhog Day. Continually stuck in the arduous process of providing information through security questionnaires that seemed to repeat themselves over and over again, the Sales and Engineering teams soon found themselves spending between 10 to 15 hours on each of these efforts.

Knowing there had to be a better way, the Voxel team explored how they could get total control over their entire compliance landscape, in a way that allowed them to automate compliance and easily provide a summary of their security posture to customers.

SOLUTION
Pursuing SOC 2: the international standard of choice demonstrating commitment to security and privacy

After further research, the team determined that what they needed was to become SOC 2 compliant. They would need to demonstrate that Voxel had designed and implemented effective controls to ensure the security of customer data.

To supercharge their two-person compliance team to do the work of many, Voxel decided to join forces with a compliance automation platform to help them along this journey. Out of all the compliance platforms currently available, they chose to partner with Drata due to its intuitive and interactive set up that makes obtaining and maintaining security compliance easy.

Once onboarded with Drata, Voxel began their search for an audit partner to assess their controls against the SOC 2 standard. After interviewing a few different companies, their quest for a SOC 2 auditor led them to AssuranceLab, who they felt were the only firm to truly understand them and their processes, as a cloud native, SaaS first company.

Voxel Director of Finance, Kacie Armbrust, shared that Voxel looked at the cost-benefit analysis of becoming compliant. They compared the costs of the audit and Drata with the expedited sales timelines and revenue growth associated with winning larger clients. The choice became clear. Drata and the Continuous Audit Program offered by AssuranceLab was ultimately what Voxel signed up for as it suited their company’s size and needs.

Voxel had initial concerns around how the partnership would work logistically. With AssuranceLab being based in Australia, they would be working asynchronously with Voxel in the US. These concerns, however, were quickly quelled through the seamless use of Drata’s Audit Hub and a Slack channel for communication between the teams.

Kacie described their onboarding process with AssuranceLab as ‘quick and easy’ noting that combined with Drata, it was an intuitive, fail-safe approach, using the pre-existing systems set up between the two companies.

RESULTS
Finding synergies in partnership and unlocking audit value with minimal strain on internal resources

Going into the audit, the Voxel team had anticipated the need to provide a large amount of evidence to their audit team to meet the requirements of the SOC 2 standard.

After embarking on their journey, they were pleasantly surprised at the reduced volume of manual evidence upload needed due to the synergies created between AssuranceLab and Drata. 

Evidence of Voxel’s controls in Drata were leveraged by AssuranceLab’s auditors, which drastically reduced the amount of time needed for the audit; allowing Voxel to complete their SOC 2 Type 1 report within a month.

Once this was achieved, Voxel were now able to showcase all of their compliance and key security information in Drata’s Trust Centre. This feature puts Voxel in full control of what’s shared and accessible to different types of users.

Drata’s Trust Centre streamlines the process of security reviews for partners and empowers sales teams with self-serve answers to questionnaires, allowing more deals to be secured faster.

They went from needing five different team members' input to complete these questionnaires, down to one; who now had the power to provide all of these self-serve answers at the click of a button. The flow on effect from this was huge and Voxel were able to rapidly accelerate their sales cycle from months to weeks.

Enjoying the benefits of their SOC 2 Type 1 achievement, Voxel found moving into their SOC 2 Type 2 audit to be just as seamless.

With AssuranceLab’s Continuous Audit Program, the number of controls reviewed across an audit period are broken down into smaller groups or categories, that are then worked on in a logical order month by month.

Completing a SOC 2 Type 2 audit this way drastically reduces the burden that is often felt by companies undergoing this kind of audit, due to the seemingly overwhelming number of controls to cover. By having a small sub-set of controls to work on each month, the workload is spread out into bite-sized chunks, minimising business disruption.

Reflecting on the experience, Kacie said: “When you do audits all at once, you have hours to a few days to provide the evidence because there is a time crunch. I think spreading it out makes it feel like less of a burden for us.”

“It feels like we're constantly making progress towards it each month, which from an internal perspective is uplifting.” 

CONCLUSION
A seamless audit process with far-reaching benefits for Voxel and their customer base alike

Overall, Voxel’s partnership with AssuranceLab and their adoption of the Drata Starter x Continuous Audit Program proved transformative for the company. The ongoing, monthly cadence of compliance activities allowed them to make steady progress towards SOC 2 compliance, allaying their concerns about time crunches and year-end audits.

Voxel’s success story underscores the benefits of proactive compliance management through AssuranceLab’s Drata Starter x Continuous Audit Program. Their improved sales efficiency, enhanced data security, and streamlined audit processes position them for sustainable growth and success in the competitive SaaS landscape.

alab-soc2-image
GET IN CONTACT

Get started your way

We’re ready when you are
If you’re ready for a no-obligation discussion on your compliance needs and goals, our friendly team will be happy to take your call.