Building Customer Credibility
Mark Petry, eventcore’s Director of Security and Compliance, truly understands the value of cybersecurity certifications. He has lived and breathed technology throughout his career and knows cybersecurity compliance is imperative to customer trust and credibility. Mark recognized it was important for eventcore, a small business focused on creating solution-centered event registration services, to convey to their current and potential customers how seriously the company takes data security. With Mark’s lead, eventcore identified the need to put better processes and procedures in place and began working toward obtaining a SOC 2 report and ISO 27001 certification.
“While there are many benefits to earning a SOC 2 report and ISO 27001 certification, my main driver was to increase eventcore’s credibility in the eyes of our customers,” said Mark. “As a small business, we are always trying to make ourselves better by improving processes, building and maintaining documentation, and creating a culture of continuous improvement based on feedback when corrective action is needed.”
The discipline that cybersecurity assessments put in place is exactly what eventcore needed to push their security to the next level.
Finding the Right Fit
In 2020, Mark received approval to begin searching for an auditing firm. He put out an RFP and received four quotes for SOC 2 and an ISO gap analysis.
“Being a small business, I didn’t feel it was necessary to pay top dollar and go with one of the ‘big four’ auditing firms,” said Mark. “While price is always a factor, I was really looking for a tech savvy firm that understood our needs.”
Mark chose A-LIGN as their auditing firm because of their technology background, professionalism and responsiveness. “I was attracted to A-LIGN’s company culture and agility in the marketplace,” said Mark. “A-LIGN isn’t like other auditing firms that seem slow moving and only take in documentation and push out a letter afterward. A-LIGN acts as a true partner in the auditing process, guiding our team and providing comprehensive support.”
Earning a SOC 2 Report and ISO 27001 Certification
As soon as eventcore partnered with A-LIGN, they immediately started the assessment process. “Our SOC 2 assessment went smoothly as did our ISO gap analysis,” said Mark. “Along the way, A-LIGN was very helpful and professional as they were an excellent auditing firm and partner in the process. Even though I’m an experienced security and compliance professional, eventcore is a small business and the guidance I received from A-LIGN during the auditing process was extremely valuable.”
With a background in technology, Mark also found a great deal of value in A-LIGN’s software tool, A‑SCEND. He felt that A‑LIGN’s investment in a software tool to support the auditing process speaks volumes to their commitment to being relevant and cutting edge in a marketplace where A‑LIGN’s customers are high tech.
“A-SCEND is a real differentiator,” said Mark. “The tool allows me to view status, sort information, and export reports—it works really well. The A‑SCEND platform is a really important, valuable piece of A‑LIGN.” Mark was very impressed with the search feature, how the tasks appear on the board, the easy-to-read dashboard and the ability to export data into a spreadsheet.
Changing the Mindset
Mark’s guidance, combined with A-LIGN’s expertise, drove eventcore to successfully complete a SOC 2 assessment and ISO gap analysis, helping to build customer credibility. “I give A-LIGN top marks in just about everything,” said Mark. “A-LIGN helped us to change the mindset of our company. This is the first time we’ve defined a process for incident management, service interruption and post-audit review. Defining these processes made our small business run much more efficiently and greatly aided my goal of continuous improvement.”
Mark appreciates that ISO 27001 has a three-year engagement window and eventcore is held accountable throughout this time period. This window results in the company being more disciplined in order to meet ISO requirements and has created a supporting infrastructure to uphold operational excellence.
When eventcore earned their SOC 2 report, Mark understood the importance of promoting this achievement. He placed the logo on the company’s website, pushed out external announcements and provided his sales team with talking points around the report. “It’s all about credibility to our customers,” said Mark. “They need to know that we take data security seriously and are doing everything in our power to be sure their most valuable assets are safe with us.”
About eventcore
Seattle-based eventcore provides highly-customized technical solutions and professional services for event registration and platform tools. eventcore helps clients achieve success through its suite of enterprise-level solutions that form the technical foundation of premier events designed to make an impact. For more information, visit the company online: eventcore.com.