Chris McCall the CEO of Valid8 Financial was pushing hard to get his SaaS platform adopted by a Fortune 100 customer.
Valid8 is an innovative financial reconciliation system that can identify fraud by reconciling opaque cash accounts to ERP ledgers automatically. Valid8 was showing some great success in the market and had won a deal with one of the "Big 4" to adopt their platform. For Valid8 this was the adoption they had been fighting for and represented an important milestone in their growth. Still glowing from the win, they received news that a SOC 2 would be a hard-stop requirement to move further with a contract. That's when Chris called Strike Graph.
Valid8 fits the model of a standard B2B SaaS company. Like most companies these days a prerequisite to delivering their product requires the sharing of private information or sensitive information. Private information can include any kind of personal data such as employee records, customer records, financial records or even just website traffic data. Sensitive information is typically information a company would like to control. That can include legal contracts, intellectual property, machine learning models or even software code.
Chris came to Strike Graph to pass their SOC 2 audit quickly. Talking to the Valid8 executive team said "We know a SOC audit is coming at us like a train and we have no plan of action. We are already 3 months behind.". Strike Graph is built to allow companies to rapidly pass their audit. We knew the Valid8 team needed to enter their audit within the next 30 days to meet their revenue goals and onboard their top customer quickly.
The Strike Graph north star is "To make complex standards simple." One of the best ways to simplify SOC 2 is to make sure customers only do what is necessary to pass an effective audit. Not the minimum, but what is required to quickly get their SOC 2. Our solution allowed Valid8.Cash to deploy a customized compliance practice instantly. The Strike Graph system has this capability because we measure the customers risk and dynamically scope the correct security practices. Strike Graph's innovative system cross-references a company's custom compliance practice to the SOC 2 requirements to ensure you pass your audit.
There are a lot of "gotchas" involved in a SOC 2 audit. Strike Graph has talked to dozens of customers that got caught without planning their penetration test or finding the right auditor. Strike Graph understands that no one enjoys having to manage the audit process. Organizing the myriad of internal tasks, orchestrating independent vendors and following through on all the details - all while trying to run your business - makes completing the audit challenging. This effort all culminates in trying to manage an auditor, their expectations and opinions about your company.
For Valid8 to quickly get into audit there couldn't be any "gotchas" that would derail the project. Strike Graph was able to complete the Valid8 penetration test and vulnerability assessment with plenty of time for their audit. Strike Graph carefully vets the right auditor for your audit. The Strike Graph system also provided security training, a complete set of standard policies, and easy technology decisions to help improve the security practices of Valid8 within time to start their audit.
Valid8 Chief Product Officer Tod McDonald CPA said, "We don't want to be experts in security audits. It was infinitely easier for us to work with one vendor, Strike Graph for our SOC 2. They made sure that all aspects of the compliance process were completed."
The result, Valid8 started their audit within 30 days of adopting Strike Graph. Valid8's CEO provided this reflection upon the completion of the work "I had a PO with a Fortune 100 customer that required SOC 2 in 60 days. Strike Graph was the only way we were able to secure that revenue."
The CEO of Strike Graph, Justin Beals had this to say about the outcome with Valid8, "I've found that generally companies do implement good security. A SOC 2 turns that sunk cost into a massive sales tool. Strike Graph is here to make sure you easily pass your audit and can prove your maturity and secure practices to your customers. This is exactly what Valid8 has done. Using Strike Graph they have organized and proven they are an enterprise technology that other enterprise companies can do business with."
Strike Graph is on a mission to help companies achieve important security certifications. Achieving a SOC 2 can help you close contracts twice as fast and for twice as much. Strike Graph makes sure the process is easy, the standard is simple and our customers successful in achieving their compliance goals.