Data Virtuality is unified data integration platform for real-time data access, modeling, governance, and delivery, leveraging data virtualization and data movement techniques. Its mission is to enable businesses to leverage the full potential of their data by providing a single source of truth platform to connect and manage all data.
“Secureframe makes your life so much easier because you see the next steps at a glance. You don't need to study tons of materials to understand the frameworks in every detail. The system tells you what you need to do and where you have gaps that you need to fill.”
Matthias Werner, Head of Finance and Analytics, Data Virtuality
Secureframe provided Data Virtuality with:
Jump To
Data Virtuality is a B2B software vendor that develops and sells data integration solutions globally across industries, including banking, financial services, and healthcare.
Matthias Werner, Head of Finance and Analytics, pushed to improve security due to the company’s market position in Europe and the US, along with a notable increase in client requests for security and compliance certifications. This kickstarted a team effort to achieve compliance with the most frequently requested security frameworks.
“We recognized an increasing demand for security features, not only technical features but certificates and other organizational security measures from our clients," says Matthias Werner, Head of Finance and Analytics. "And because we mainly sell to large enterprises, security is always high up on the list of topics to discuss.”
A core team was assembled, which included Matthias, the security officer, the CTO, plus additional support from other departments such as HR. The team established a compliance roadmap, prioritizing ISO 27001 to align with the company’s primary European market. Faced with manually creating huge volumes of documentation and formalizing internal processes, the project grew increasingly complicated and burdensome.
“We learned the manual process can be super painful… not only to understand the special kind of language in these standards and frameworks but also to make sure we keep everything up to date and comply with every requirement.”
Matthias and the team successfully achieved their ISO 27001 certification, but were keenly aware of the excessive demand on resources required by completing the process manually.
“We realized this isn’t scalable because it ate up so many resources. So, we looked to streamline the process and make monitoring easier. We didn’t want to do this on our own again.”
With SOC 2 on the horizon, the compliance initiative had naturally become a key priority for the entire company as the team worked to improve efficiency. The team began looking for a solution to ease the strain.
“We trialed three vendors at the same time to get a feeling for each platform, features, and the packaging and scalability.”
After completing a demo, accessing the platform, and connecting with the customer support and compliance team, Matthias was convinced by Secureframe’s innovative automation capabilities and the clear expertise of the people they interacted with.
“Since we weren’t experienced in the security field, it was important that we could reach out, ask for help, and have a consultative approach to compliance. This was one benefit we saw in Secureframe.”
With the goal of starting a SOC 2 audit as soon as possible, it became a no-brainer to go with Secureframe due to the platform’s readiness.
“We learned that their auditor partners are more or less readily available, and as soon as we were ready, we could start on our SOC 2 audit.”
Beyond completing their SOC 2 report, Matthias also wanted an easy way to share compliance status and progress with stakeholders, which he found in Secureframe’s Trust Center. Matthias was also happy about Secureframe’s audit readiness support, which helped the team prepare for their audit by identifying potential issues in advance.
“It wasn’t only about technical features. The fact that somebody could do a lightweight mock audit with us to go through it and check for possible traps the auditor could find was a positive.”
Secureframe's responsive support and expert guidance gave the team confidence throughout the audit process, and the ability to map common controls across frameworks like SOC 2, HIPAA, and ISO 27001 eliminated duplicate work and allowed Data Virtuality to quickly achieve compliance with multiple frameworks on their roadmap.
“SOC 3 was attached to SOC 2, and HIPAA was also managed through Secureframe. This was one of the reasons we wanted to have a platform in place: in all of the frameworks, there's at least some kind of overlap.”
Compared to Data Virtuality’s ISO 27001 certification, completing their SOC 2 report required far less manual effort and resources. Matthias reported faster time-to-compliance and the ability to quickly move from SOC 2 to HIPAA compliance using the platform.
Secureframe's Trust Center also accelerated security evaluations for potential clients, helping close deals faster by easily sharing security documents like their SOC 2 report.
“We receive requests through the Trust Center quite often of people asking for the SOC 2 report or something similar. This certainly speeds up the security evaluation.”
The streamlined compliance management process reduced the burden on internal teams, allowing them to maintain compliance while focusing on other responsibilities.
Coupled with the personalized support from Secureframe’s experts, it ensured a smooth onboarding process and a successful audit experience.
“Secureframe makes life so much easier because you see what you need to do at a glance. You don't need to study tons of materials to understand the frameworks in every detail. The system tells you what you need to do and where you have gaps that you need to fill. The overall package was great for us.”
