How Trust & Will Prioritized Security While Doubling in Size

The Challenge

The demand for SOC 2 reports has only continued to grow as Trust & Will has ramped up partnerships and secured funding. With little to no experience with SOC 2 compliance, we conducted months of research. That research only confirmed our feeling that SOC 2 was going to be an overwhelming task. Considering our rapid growth, we wanted to be prepared for SOC 2 and not have to make a mad dash to get there in the future.

The Solution

Our ideal solution was one that streamlined the process to get and stay SOC 2 audit-ready and minimized the need for us to be security and compliance experts. With the amount of work that goes into implementing a security program, we wanted a solution that could largely automate the compliance piece and allow us to effectively prove our posture during and in between annual audits.

Why Drata?

We chose Drata because it was the best solution on the market, the team is absolutely fantastic, and we love supporting other local San Diego startups! We felt confident Drata would put us on the most efficient path towards continuous SOC 2 compliance, allowing us to continue to prioritize the data security of our growing customer base.

The Experience

The Drata team played a big part in helping us navigate our SOC 2 journey, and they were always available to provide assistance any time we had questions. Having all the data centralized in a dashboard on the Drata platform was an invaluable asset when monitoring our progress, and providing policy templates gave us much-needed guidance. We loved the automated, continuous monitoring that informed us of test results and in-platform security training.

The Result

With a wonderful onboarding experience and deep integrations with our tool sets, we are already months ahead of where we would have been otherwise! In addition to saving our team hundreds of hours reviewing and searching other reports, Drata’s platform has guided us and allowed us to identify our areas of greatest need as first-time SOC 2 clients. From generating policy templates based on our custom inputs to automated device monitoring, Drata solved critical pain points that has allowed our team to prioritize the right things as we focus on growth. We believe anyone could utilize Drata, regardless of their level of technical or compliance knowledge.

What’s Next for Trust & Will?

Achieving SOC 2 Type 1 compliance is further proof of Trust & Will’s commitment to data security, allowing us to build and maintain trust with our customers. This is incredibly important to our business, particularly given our larger partnerships such as the one recently signed with AARP. SOC 2 Type 1 is an important step for us that will only increase the overall trust in our product, open up larger partnership opportunities, and further our mission to help as many families plan for the future as possible. And with our controls continuously monitored by Drata, we’ll be striving to achieve SOC 2 Type 2 soon.