Clearly-defined remediation steps made compliance easy to understand even for non-security or compliance personnel, saving Chili Piper yearly costs on a full-time security hire.
Vanta’s breadth and depth of integrations and automation helped Chili Piper get 80% of their time back from manually gathering evidence and back-and-forth meetings with auditors.
SOC 2 Type II and ISO 27001’s international recognition helps Chili Piper prove security with EMEA and enterprise prospects, allowing them to invest in their key focus areas for international and upmarket growth in 2023.
“Vanta saved us from having to hire someone full-time or pay consultants to help us maintain compliance. From an ROI perspective, Vanta helped us save roughly in the low to mid-six figures yearly.”
The Company
Advanced scheduling and routing for B2B revenue teams
Chili Piper was founded in 2016 with the mission of making it easier for Sales Development Representatives (SDRs) to hand off qualified prospects to Account Executives (AEs). Meetings are the lifeblood of sales teams, and Chili Piper knew that solving the logistical challenge that SDRs faced when booking time with prospects for their AEs would be essential for their customers. Their innovative approach through automation quickly propelled Chili Piper’s business and provided substantial growth throughout the past eight years.
Today, they have nearly 2,000 customers and more than 180 employees. Chili Piper has expanded far beyond simple sales handoff routing between SDRs and AEs — they are now a complete inbound conversion platform designed to act as a concierge for sales representatives when it comes to appointment scheduling, CRM updates, lead and case distribution, and much more.
Scott Haney has been the Director of Revenue Operations at Chili Piper for the past five years. He leads efforts to support their Sales, Customer Success, and Marketing teams with operational needs — such as setting up systems and processes so that their sales cycle is as smooth as possible. However, as one of the first few technical leadership hires at the company, and as compliance grew in importance, he eventually took on additional security and compliance responsibilities — which diverted significant time from his day-to-day responsibilities at Chili Piper.
The Challenge
Streamlining compliance for the future of Chili Piper
Chili Piper was at a pivotal point in their company’s history before they found Vanta. As the market and purchasing behavior shifted to a “try-before-you-buy” self-service model, Chili Piper responded by building a Product-Led Growth (PLG) motion — while still heavily investing in a B2B motion moving upmarket. They wanted to be able to cater to these new go-to-market models quickly. On top of that, Chili Piper encountered challenges when selling to prospects in new verticals and new markets — European-based prospects and prospects in regulated industries had stricter security requirements than the ones Chili Piper was used to, and demanded that Chili Piper could demonstrate trust and prove their security before they decided to work with them. Thus, asks for security questionnaires, policies, and security documentation came piling in — and it quickly became overwhelming for Scott and his already thinly-stretched team.
To offload some of the work from Scott, their CTO suggested that Chili Piper dedicate some engineering time to helping Scott with their security and compliance programs. However, they quickly learned that doing so meant Chili Piper’s product and engineering teams had their own attention diverted from business-critical activities, such as building new products and features to support their growth goals.
To make matters worse, Chili Piper’s original compliance partner was not helpful in streamlining the audit process. As Scott put it, “Our original partner made the audit process super manual, tedious, and boring.” He knew that in order for Chili Piper to move quickly and hit their growth goals, they had to simplify their yearly compliance process — fast. With only a few short months until their next audit, Chili Piper left their original compliance partner to look for a better way.
The Solution
Scalable security to future-proof their growth
After hearing about Vanta from Scott’s network, Chili Piper decided to switch their compliance partner. They were impressed by the number of integrations that Vanta supported and quickly learned that through automation and intuitive remediation guidelines, Chili Piper regained 80% of their time — which was originally spent on meetings between Scott, their Engineering team, and their auditors. They quickly saw their return on investment — with Vanta’s automated evidence collection, even non-security and compliance personnel could help manage their security program, which saved Chili Piper from having to hire full-time security staff or expensive third-party consultants.
By integrating their infrastructure with Vanta, 3-4 hour video calls between their team and their auditors quickly became 30-minute weekly check-ins. This time savings led them to achieve their SOC 2 Type II attestation in less than half the amount of time it took Chili Piper to get their SOC 2 Type I attestation with their previous partner. As Scott put it, “The time it took for us to become compliant was nowhere near the estimated 15-18 hours our auditors had originally told us.”
Scott and his team also found that Vanta’s policy templates, in-app editor, and other solutions meant that they did not need to be security and compliance experts themselves to build a robust security program. Vanta’s included Inventory Management solution, automated employee onboarding & offboarding tasks, and annual Security Awareness Training allowed Chili Piper to automate annual security tasks and simplified the way they managed company and employee security.
After successfully getting their SOC 2 Type II attestation in record speed, Chili Piper decided to further build upon a strong compliance foundation and shifted their attention to adding ISO 27001 certification — helping to fuel their expansion to European markets and beyond. “It took us no longer than a month to get ISO 27001 and SOC 2 together,” said Scott. “It gave us time back to refocus on business activities.”
The Impact
Refocused efforts on expansion into new industries and geographies
With a robust security program now automated by Vanta, Scott and his team have refocused their efforts on supporting their go-to-market teams. Chili Piper’s PLG motion and expansion into the enterprise have proved to be successful and helped them hit their ambitious revenue targets. They’ve also begun to expand into heavily-regulated industries, such as financial services, healthcare, and education. Having SOC 2 and ISO 27001 certification in hand helped Chili Piper prove trust and demonstrate security to security-conscious prospects in these new markets — each with their own unique security requirements. Now, Chili Piper operates with the confidence that security and compliance will not be a blocker to any of their growth goals in the future.
{{quote-2}}
"Vanta easily cuts the amount of time it takes to go through security audits in half, if not more than that, compared to the manual route we originally took."