These past few months, Insightly’s engineering team has been focusing on building user-focused features to improve the customer experience with the product dramatically, while simultaneously getting security compliant. Primarily our focus was on 3 fronts -
The SOC 2 standard specifies how companies should handle client data across 5 key Trust Services Criteria (TSCs) - Security, Availability, Processing Integrity, Confidentiality, and Privacy.
The SOC 2 report gives customers, regulators, business partners, and suppliers critical information about how an organization manages its data. Getting the right kind of security for our data was an imperative question that we found ourselves caught in. At the same time, being a B2B SaaS company, we couldn’t compromise on the pace of our product development. Development of a user-friendly product to help our customers build high-performing engineering teams, equipped with efficient and seamless processes is the cornerstone of our mission at Insightly. To ensure that our product and engineering teams are not bottle necked due to SOC 2 audit requirements, we decided to not approach a SOC 2 auditor directly.
Instead, we chose to partner with Scrut Automation, a compliance automation platform that acted as a true partner in establishing the right info-sec posture and helped us in accelerating our SOC 2 audit. Being SOC 2 compliant helps us to showcase to our ecosystem of customers, partners, and employees that we take information security seriously, building a sense of reliability. It also helped us establish key controls for securing our systems and process that manage our users’ data.
We recognize that completing the SOC 2 audit was a step in the right direction; one that enables us to successfully represent credibility and reliability to our future clients, partners, and stakeholders. We continue to uphold this promise and will fortify our information security by establishing stronger controls, and getting compliant with ISO 27001 and GDPR.