CASE STUDY
ÉTUDE DE CAS
How Cable instills customer trust with SOC 2 compliance from Vanta
Compliance and security are intrinsic to Cable’s identity. Their compliance partner needed to share the same values and priorities.
Cable’s expected growth demanded a long-term compliance partner who could guide them through scaling security and compliance practices.
Vanta’s jargon-free policies and intuitive UI enables efficient communication between internal teams, prospects, and vendors.
Out of our vendors, we have one of the best relationships with Vanta.
The company
First of its kind regtech
Cable is the leader, and first of its kind, in automated financial crime assurance. Cable enables fintech organizations, banks, banking-as-a-service (BaaS) providers, and compliance officers to automatically monitor BSA compliance in real-time.
Due to the highly sensitive nature of Cable’s industry, the company began designing its regtech software with a security-first approach. With SOC 2 already underway, as soon as she joined the Cable team, Business Operations Manager Valerie Priven focused on finding the right compliance partner. “Within the first few weeks, one of the big points I made was actually picking Vanta as a vendor. I realized we needed to make sure we had the right security foundations in place.”
The challenge
Overwhelmed with SOC 2 collection
Cable set out to dedicate the same level of energy to their compliance and security program that they invested in their product. Since Cable’s brand, product, and market fit are highly dependent on trust, they needed a compliance partner with a solid reputation.
With limited resources and a small team, they didn’t want to risk a DIY approach to compliance. Before turning to Vanta, Cable experienced slow progress and unclear security guidelines from using another security vendor. The evidence collection process, in preparation for their first audit, was mostly manual. These issues were greatly reduced after Cable selected Vanta’s automated platform.
{{quote-2}}
The solution
A trustworthy partnership
After assessing automated compliance platform options, Cable chose Vanta for a variety of reasons. The company needs a proven, trustworthy compliance partner that can provide ongoing assistance, an intuitive platform, and continuous monitoring.
Looking forward, Cable wants a long-term partner that supports multiple compliance standards. Although SOC 2 Type 1 was the primary need, Cable will eventually pursue SOC 2 Type 2 and ISO 27001 in the near future. Vanta’s UI-friendly platform displays Cable’s progress toward each standard.
Additionally, Cable requires a partner that enables them to seamlessly update compliance policies and frameworks over time to keep up with internal changes. Before Cable hired a Head of Engineering, Valerie was the primary Vanta platform administrator. “With Vanta, there’s a really good balance between automation and doing it yourself. Anyone with any level of data security knowledge could start working with Vanta.”
From Valerie’s business operations perspective, establishing an accessible compliance program with customizable, easy-to-understand policies was critical.
The impact
Adding to Cable’s compliance program
Vanta’s customer success team was instrumental in guiding Cable through the process of transitioning from a former compliance partner. “We needed to take a step back to make sure we had the right data security practices while also building our product,” Valerie says. The first few months of the relationship required lots of communication, especially to meet Cable’s need for policy customization.
Cable uses Vanta’s templates and documents to prove its security to prospective clients and vendors. Because the majority of Cable’s prospects share highly sensitive data with Cable, the ability to quickly and easily share proof of security instills trust in the business. “Vanta’s policies are really easy to read and super customizable,” says Valerie. “We’ve already sent our reports to potential customers. As an evolving startup, it’s really important to have clear policies that are easy to update.”
Vanta’s internal audit experts assisted Cable in procuring a trustworthy auditor whose insight and guidance made the audit experience feel comfortable throughout the whole process. Vanta’s automated compliance platform enables the various teams at Cable to monitor, customize, and address events in real-time without needless back-and-forth. Cable conducts day-to-day maintenance through ticketing, tests, and dashboard alerts.
Due to Cable’s positive experience with Vanta, they are now voluntary beta testers for new product features and updates. Cable regularly interacts with Vanta’s product managers to improve the Vanta platform through valuable feedback. Cable plans to pursue SOC 2 Type II, ISO 27001, and ongoing penetration testing through Vanta.