Who They Are:
ISO 27001 and SOC 2 compliance have become increasingly important as businesses strive to protect data for both their customers and themselves. However, achieving and maintaining the appropriate level of compliance remains a significant challenge. Many organizations are struggling to effectively meet ISO 27001 and SOC 2 standards for numerous reasons, ranging from a lack of expertise to a lack of the appropriate technology.
That is where Tel Aviv, Israel based Scytale comes into the picture. Founded in 2020, the company was created to address the growing challenges of gaining and maintaining ISO 27001 and SOC 2 compliance. Led by CEO Meiran Galis, Scytale is focused on making SOC 2 & ISO 27001 simple, accessible, and effortless for ambitious SaaS companies all over the world.
The company has additional offices in Manhattan and Johannesburg and is dedicated to helping customers be security-conscious businesses with Scytale’s carefully designed compliance technology and expert-advisory services.
“Developing and implementing effective SOC 2 controls is an ambitious undertaking. It’s not easy, but the advantage of SOC 2 compliance is a powerful way to set yourself apart in a competitive field. By meeting SOC 2 standards, you demonstrate to potential customers that your company meets the most rigorous standards of security and service.”
Meiran Galis, CEO & Founder, Scytale
What They Do:
Scytale has created a comprehensive tool set that is designed to ease and maintain the implementation of SOC 2 and ISO 27001 compliance. That tool set is built into an automation platform, which can be combined managed services, to create an integrated environment that supports leading development and hosting tools.
Scytale has extensive market experience with SOC 2 and ISO 27001 compliance and offers expert advice on how to implement, maintain, and manage compliance processes. What’s more, the company leverages automation to build workflows that support auditing and reporting.
The company offers a dual perspective on compliance issues based upon their inhouse expertise of functioning both as compliance auditors and compliance officers. That duality in aptitude has helped the company to design a compliance automation platform that covers the aspects of compliance from both an enforcement and an auditing perspective.
Scytale offers three specific items in their product matrix:
- An Automation Platform: Which automates numerous manual processes, such as asset mapping, gap analysis, evidence collection, auditing, and several other processes
- Managed Services: Where Scytale offers concierge consulting that is tailored to a business’s needs and backed by a SaaS implementation
- Integration: Where Scytale is able to integrate numerous tools into a compliance platform to streamline a compliance journey
Who They Have Impacted:
Financial organizations are faced with several critical challenges. One of those challenges is establishing compliance and then offering the proof that compliance has been achieved and maintained. The processes dictated by achieving compliance are often time consuming and prone to error. Simply put, if compliance is not done properly an organization will be exposed to increased risks, ranging from fines to legal actions.
Reducing the exposure to risk, as well as properly securing data is one of the top concerns for any businesses that interacts with clients or customers. A realization that becomes even more serious once the movement of financial data is involved. Take for example PayEm, a company that offers an end-to-end finance platform to businesses worldwide. PayEm’s business model is one of providing Global ACH, check, and card payments across the world, and supporting multiple currencies. PayEm is a perfect example of a business that needs to secure systems and meet compliance regulations.
PayEm had several concerns around security, compliance, and meeting customer expectations. The company turned to Scytale to address numerous operational challenges, including:
- Customers demanding a SOC 2 report: PayEm’s customers and prospects’ security teams started asking to see their SOC 2 report before doing business, and their inability to demonstrate SOC 2 compliance presented a major barrier to sales.
- Overwhelming and foreign SOC 2 process: The PayEm team knew they were not going to be able to handle their SOC 2 audit on their own as they didn’t have any prior SOC 2 experience, so they went looking for the right experts to guide them through the process.
- Maintaining business as usual: PayEm CTO, Omer Rimoch, was aware of the time-consuming and tedious preparation processes associated with SOC 2 and was concerned about this interfering with their business goals.
- Ensuring security oversight across organization: While PayEm takes every measure to ensure the security of its customers’ financial data, there were a few blind spots regarding HR best practices and internal operations. There needed to be robust security practices across the organization.
Scytale exceeded our expectations. We had a team with us from start to finish, that always went the extra mile. Due to this service, we were able to continue operating as normal during the preparation for our SOC 2 audit. With Scytale, our SOC 2 workflows were organized from initiation to completion, which made it the smoothest process we could have asked for.
Omer Rimoch CTO, PayEm
The Results:
- PayEm experienced improved internal security practices regarding HR best practices, such as the onboarding and offboarding processes of employees
- PayEm was able to improve the assessing of risk for 3rd party vendors and the security of the entire organization. In return, this helped them grow as an organization
- PayEm has grown from 10 to 80 employees in the last nine months. Scytale’s solutions helped improve internal security practices, which significantly helped them to scale up
- PayEm is now more prepared for future audits such as the next SOC 2 audit, which will include Privacy, and their ISO 27001 audit
- Unlocked more sales and business opportunities for PayEm with customers who demanded SOC2 reports before doing business
The Future:
The management at Scytale have made their future goals quite clear. The company strives to be a world leader and educator in next-generation compliance for SaaS companies. The company’s vision is one of always being a game-changer in the compliance industry, while also striving to be the creators of new and innovative enhancements that will transform the compliance world and make it smart, simple and effortless.
Closing Thoughts:
Achieving SOC 2 & ISO 27001 compliance is often a complicated task that many organizations initially fail at. What’s more, many of those failures are not discovered until a compliance report is generated or an audit accomplished. Today, SOC 2 & ISO 27001 compliance has become increasingly important for businesses seeking new clients, as those potential clients are looking for assurances that compliance is established.
Scytale has built a platform and service which encapsulates the knowledge needed to effectively ease the deployment and management of SOC 2 & ISO 27001 compliance. The company also possess the institutionalized knowledge that helps its clients to deal with the potential complexities surrounding compliance. Automation plays a big role in easing the journey into a complaint environment. Here, Scytale has integrated a great deal of automation into their platform which speeds many of the necessary chores around compliance.
Scytale set out to make compliance less difficult, if not easy for their clients. The company has achieved that goal and is dedicated to helping its customers be security-conscious businesses, by using Scytale’s carefully designed compliance technology and expert-advisory services.
Want to gain more insights from Cloud Wars Expo?
Starting on July 20th, more than 40 hours of on-demand cloud education content will be available for free to Acceleration Economy Subscribers.
