unitQ, a cloud-based product quality monitoring platform for product-driven companies, had rapidly evolved from a go-getting start-up into a fast-scaling SaaS success story serving category-leading customers like Chime, Strava, and Pandora.

With their new-found position in the marketplace, unitQ suddenly had more to worry about than just delivering great results for their clients. To close deals with the biggest and best in the industry, they needed to streamline their operations, and ensure they met all the compliance expectations of the enterprise prospects they were going after. 

Increasingly, these prospects were demanding a SOC 2 report—an auditor’s report verifying the controls that a business has in place to protect its customers’ data. 

“Our customer base includes some of the most high-profile tech companies in the world—and quite simply they require SOC 2,” says Anthony Heckman, Head of Business Development at unitQ. “Without it, prospects were asking us to supply enormous amounts of documentation and proof every time. This was drastically extending the sales cycle and putting the brakes on our growth.

A pivotal moment came when unitQ closed a major deal with Chime, one of the largest fintech companies in the world. As part of the contract, unitQ pledged to secure SOC 2 compliance within a fixed period. So unitQ not only needed results fast—they needed best in-class policies, procedures and controls.

“However, we were far from experts on the SOC 2 compliance process, controls, pricing or timelines, so we’d need to invest time in understanding that process before we could even get started. SOC 2 felt like a long list of steps—I don’t know many folks going through it for the first time who wouldn’t say it can be an intimidating process.”

The question now was how to move forward. unitQ didn’t have the in-house security consultants to manage the process internally. And while they could have tasked someone from the team with project managing the process, it would have been an arduously steep learning curve and taken them away from what they do best. 

“What we needed was a partner with the expertise and support capabilities to take all the work off our plate,” says Anthony. “A partner with deep expertise to guide us through everything, without SOC 2 becoming a burden on our busy team.”

After scouting the market for a solution, unitQ discovered Secureframe—and everything fell into place.

It was clear from Secureframe’s website that they had a long list of happy customers, who praised their easy-to-use platform, hands-on support, clear process and pricing, and depth of expertise. For Anthony, it really was a case of ‘what’s not to like?’

Secureframe’s smooth onboarding process began when Anthony hopped on a kick-off call with a member of the Customer Success team. 

“It was so clear that Secureframe had deep experience of SOC 2, so we immediately felt very comfortable that they were the right partner to shepherd us through the process,” says Anthony.

“On that single call, Secureframe helped us get set up on their platform and walked us through every feature and function. They were so clear about their price and how the process was going to run that we knew exactly what we were getting from the start.”

In order to simplify SOC 2 for its customers, Secureframe reduces the process to 7 key steps. These include scanning and securing unitQ’s security infrastructure, creating security and compliance policies, assessing and managing vendor risk, and completing the audit.

“What we loved about Secureframe was that they not only explained the process of what they’d be doing, they also explained the ‘why’ behind everything” says Anthony. “So it was always clear what needed to be worked on to get ourselves audit-ready.”

As Secureframe made a start getting unitQ SOC 2 ready, its online platform became unitQ’s single source of truth. 

Within the portal, every step of the process was laid out, along with specific tasks allocated to named members of unitQ’s team. This ensured everyone could see where they were in the process and any bottlenecks could be quickly fixed. 

Even better, a huge chunk of the manual work typically associated with achieving SOC 2 was taken off the team’s shoulders by Secureframe’s 100+ software integrations. The platform automatically synced with unitQ’s core services, collecting data on infrastructure, policies and other evidence vital to the audit. This meant the team didn’t have to waste hours of precious time pulling data manually and drowning in spreadsheets.

“The integrations moved things forward quickly,” says Anthony. “And because the platform laid out the process so transparently, it was easy to see what tasks needed to be completed to keep everything on track.”

At every step, Secureframe could turn to a dedicated customer success manager—backed up by the company’s security and compliance experts—if they had any post-onboarding questions. Secureframe also set up a Slack channel as a central communication hub. Whenever unitQ posted a question, Secureframe provided a response within minutes, ensuring the process remained friction-free.

“Secureframe’s Customer Success and Compliance teams were hyper-responsive and ensured the entire process went smoothly by providing exceptional support,” says Anthony. “SOC 2 compliance is a big deal, so to know their team was always there was incredibly valuable—particularly in areas where we had limited knowledge and needed hand holding.”

“It was so clear that Secureframe had deep experience of SOC 2, so we immediately felt very comfortable that they were the right partner to shepherd us through the process.”

For businesses that choose to manage SOC 2 internally, the process usually takes around 9 to 12 months—and comes with no guarantee of success at the end. With Secureframe, everything was buttoned up in just 12 weeks, a full two weeks ahead of schedule. 

That’s at least three times faster than the norm, all the while saving unitQ’s team hundreds of hours of time and effort. 

While the original 14-week schedule was set by unitQ, as they needed to balance other business priorities, Secureframe regularly delivers SOC 2 compliance in just a few weeks.

With SOC 2 compliance achieved, unitQ wasted no time maximizing the impact of their superior security status. They shouted about it in sales outreach and made it unmissable on their website to demonstrate their evolution as a business, drive more leads and, ultimately, close more of their dream, category-leading customers.

“We want every company in the world, and ultimately their end users, to benefit from unitQ. Now, thanks to Secureframe’s help in achieving SOC 2, we can demonstrate our maturity level and show these firms we run a professional, mature, and compliant organization,” says Anthony. “This has accelerated our sales cycle with enterprise customers and unlocked so many more sales and growth opportunities for the business.”

As a business that openly admits it found SOC 2 daunting, unitQ hugely appreciates the five-star support and guidance they received from Secureframe. 

“People are what make businesses great, and Secureframe really hustled for us at every stage,” says Anthony. “If ever they thought we were uncertain, they’d proactively step in and guide us through. They constantly demystified the process.”

Anthony would recommend Secureframe to any CEO or security consultant looking to get SOC 2 set-up in any size of business.

“I’d recommend Secureframe 100%, because they got the job done ahead of schedule, without any issues, were super-responsive, great to work with and very cost-effective. So it’s a no-brainer!” says Anthony. 

“We couldn’t get to the next stage of growth without processes like SOC 2 in place, and couldn’t have closed enterprise customers without it. I couldn’t imagine going through that without Secureframe by our side.”