SOC 2 first-timer
Polar Security had no prior SOC 2 compliance experience and needed to start the process from scratch.
Help needed with security
As an early-stage startup, there were no official security systems in place just yet. The security team needed expert guidance to build concrete security systems and implement best practices from scratch.
Customers in the US
Polar Security was starting to reach the US market. However, signing US-based customers was challenging as every second customer demanded a SOC 2 report.
Need to get compliant fast
Polar needed to get SOC 2 compliant as soon as possible as they were losing opportunities to expand.
Time is money
At the time, their team of five software engineers needed to focus on building the product and could not afford to allocate their time solely to SOC 2 compliance.
In the past, I did the SOC 2 process alone, manually collecting evidence and reviewing policies, which was a disaster. Now with Scytale, getting SOC 2 compliant is super simple, quick and easy to manage.
Director of DevSecOps, Polar Security
Robust InfoSec systems
Scytale’s compliance success managers helped Polar build and implement the correct infrastructure, policies and procedures, security controls and complete tons of security questionnaires requested by customers.
Scytale’s smart tool allowed Polar’s team to seamlessly integrate with their software (such as GitHub and AWS), which was hugely valuable. Polar was able to easily review policies, track the status of tasks and automatically collect evidence.
Advisory dream team
Polar Director of DevSecOps, Shiran Bardugo, shared that Scytale’s compliance success team were available and happy to help on all communication channels 24/7, making the process extremely easy to follow.
Management of audit process
Scytale took over all communications and workloads with EY during the audit period, which means Polar was undisturbed and could continue with their day-to-day responsibilities throughout their official SOC 2 audit.
Polar’s security and compliance team saved an enormous amount of time by utilizing Scytale’s automation tool to get SOC 2 audit-ready. Especially with implementing policies, customizing a controls list, continuous control monitoring and audit management.
Continued work as usual
Polar did not come to a standstill during their SOC 2 project, as Scytale’s smart technology and expert advisory team took the SOC 2 preparation weight load off the team.
Polar did not just achieve SOC 2 Type II compliance, but can also stay compliant and simply manage all InfoSec workflows within the automation tool. Going forward, it is easy for Polar to ensure that there are no compliance loopholes and that there is oversight across the company’s people, systems and processes.
Polar is wasting no time in expanding their InfoSec compliance and with Scytale, this has become very easy to undergo. Polar Director of DevSecOps, Shiran Bardugo stated that Polar only considered Scytale for their ISO 27001 compliance process.
The ability to provide a SOC 2 report to potential customers have removed any sales barriers and expanded Polar’s customer base.
Existing customers feel even more confident in Polar’s product and services and are reassured that their sensitive data is protected.