Case Study

From Zero to Compliant: Monit’s Journey to SOC 2 Type I with Laika

Laika


Monit provides small to medium-sized businesses with the power to manage cash flows all from one place without the headache of financial uncertainty. With powerful insights on predictive analytics and custom financial tools, Monit allows business owners to focus on growing their business and being financially confident. 

Because Monit is provided to consumers by their banks, the team knew regulatory compliance was a must-have from the beginning. However, with so many compliance frameworks to choose from, they needed a partner that could help them navigate the landscape, choose the correct framework, and implement the highest level of security standards.

With on-demand guidance from Laika’s compliance architects, Monit received a SOC 2 Type I certification. We spoke with John Calabrese, Head of Product at Monit, about how seamless Laika’s platform made the compliance process. 

How it Started

For Monit to provide business owners with the freedom to manage their cash flows, they needed regulatory compliance to meet procurement requirements from banks. When working in regulated industries, like finance, security is a must-have and oftentimes required when selling to institutions like banks. The problem was that the Monit team didn’t know where to begin, or which framework to tackle. 

As they approached the idea of an ISO 27001 certification, Monit’s prospects recommended that a SOC 2 was more applicable and holistic. A SOC 2 certification is the gold standard; a signal that all data collected, stored, and analyzed is handled appropriately. 

“We approached the idea of other frameworks, but after speaking with our prospects, we quickly realized how important a SOC 2 certification was. It’s the gold standard that would address all the concerns prospects could have in regards to our security measures.”

After looking into various solutions and the big four accounting firms, Monit knew they needed a solution that was stage-appropriate and could be easily monitored on an ongoing basis.

Building Compliance From Scratch

Monit turned to Laika for help to build a compliance program from scratch. Laika’s platform capabilities coupled with compliance experts-in-the-loop proved to be a vital part of the process. 

Playbooks

Dana Mueller, Laika’s compliance architect and security officer, and Amalia Simpson, Laika’s customer success manager, provided Monit with a customized, actionable task list that closed any vulnerability gaps. Playbook made the implementation process seamless and broke down difficult compliance language into plain English.

“Dana and Amalia walked us through the platform, and it was really easy to see our progress and the outstanding tasks we needed to do to get to 100%. Of course, they were experts on the individual tasks as well, giving great guidance on the technical details of requirements in plain English. Other platforms just don’t provide that type of on-demand support.”

Knowledge Base

Knowledge Base served as the single source of truth during the preparation process (and still does today). The Laika team created custom workflows that applied to relevant information across different controls, policies, and people.

Using third-party integrations, Laika and Monit worked together to gather documentation, complete tasks, and collect evidence to prepare for the audit.

“The centralized Laika system housing documents, processes, control evidence, and vendor management all in one place proved to be the deciding factor. It was useful not only as we prepared for the audit, but will also be very helpful as we grow and onboard new people.”

Three-Week Audit Process

After passing the readiness assessment, Laika and Monit tackled the audit. While an audit process can seem daunting, Laika helped Monit stay prepared to reduce any back-and-forth remediation. Because all evidence was already in place through the Laika platform, the audit process was smooth with no major or minor issues to fix.

“We had everything in place before going into the audit. Anyone who goes into this should have the expectation that it will take work, but Laika helped make the entire process seamless because of all the work we did upfront.”

While typical audits take 6 weeks to 3 months, Monit sailed through in 3 weeks with only 1 additional piece of evidence required.

What’s Next?

A SOC 2 certification wasn’t just a checkbox for Monit; it was a promise to their customers and prospects that the team is dedicated to providing the highest standards of information security. Monit has already used their certification to their advantage by answering due-diligence questions in half the time and highlighting it as a competitive advantage at events and shows.

Vendor Due-Diligence

Laika’s due-diligence feature allows Monit to answer vendor security questionnaires in a fraction of the time that it would normally take. The smart question editor and resource library let them seamlessly import security questionnaires and build customized data rooms for vendors with relevant files.

Competitive Advantage

By having a compliance program in place, you’re telling prospects that not only do you have all of the innovative products/services and the agility of your competitors, but you also ensure their data is handled in accordance with regulatory requirements. 

When speaking at an event, Monit leveraged their SOC 2 report to stand out against competitors. It proved to be a crucial differentiator to potential customers, who feel safe knowing that when they register, their data is handled with bank-grade security.

Towards SOC 2 Type II

As Monit continues to grow, information security and privacy will remain a top priority.

Ready to start your compliance journey? Team up with Laika to do it right.
