Accelerating SOC 2 Type 1 Compliance for Squiz

Achieving compliance with industry standards is often a resource-intensive and time-consuming process. For organisations facing tight deadlines and limited resources, it’s not just about completing the compliance journey — it’s about achieving compliance efficiently, without compromising quality or incurring heavy upfront costs. The question is: How can they achieve this?

Squiz: Future-Proofing with SOC 2 Certification

Squiz is a global leader in Digital Experience Platform (DXP) solutions. Extending beyond traditional content management, their platform empowers marketers to build, optimise, and manage sophisticated digital experiences at scale, using AI-powered tools that simplify complex tasks.

With significant growth in its customer base and expanding market presence across Australia, New Zealand, the United States, the United Kingdom, and Europe, Squiz faced increasing pressure to validate its security and compliance posture. Achieving SOC 2 certification would best serve customer requirements and regulatory standards, but the traditional six-month certification timeline posed potential business constraints.

To address Squiz’ challenge, DNX Solutions orchestrated a strategic partnership, working with key organisations to deliver a comprehensive, end-to-end compliance solution:

DNX Solutions – Leading the project with deep AWS cloud security expertise and compliance consulting
Vanta – Automating compliance monitoring and evidence collection
AssuranceLab – Providing independent audit and validation of compliance efforts

This collaborative, ‘compliance-in-a-box’ model removed the complexity of managing multiple vendors by creating a unified approach under DNX’s guidance. With each partner playing a critical role, the process became more efficient and predictable, allowing Squiz to focus on its core business while DNX ensured all aspects of the compliance journey were coordinated and executed to the highest standard.

Squiz’s Goals and Existing Technology Landscape

As Squiz expanded its global reach and customer base, strengthening its security and compliance posture became a priority. Achieving SOC 2 Type 1 certification was a key step to meet client requirements and support continued growth. With ISO 27001 certification already in place, Squiz aimed to fast-track the SOC 2 process to align with the client expectations and stay ahead of market demand.

• Accelerated Timeline to Meet Client Needs. While SOC 2 certification typically takes around six months, Squiz needed to complete the process in just three months. This urgency was driven by client expectations and Squiz’s desire to build on their existing ISO 27001 framework, ensuring faster completion without compromising quality.
• Complex Technical Landscape. Squiz’s multi-region AWS infrastructure, spread across multiple accounts, required careful coordination and consistent implementation of security controls. The team needed to ensure comprehensive and well-integrated security measures across all environments.
  
• Global Coordination. With teams distributed across multiple time zones, managing a large, technically diverse engineering workforce required clear communication and effective planning. The project had to account for different working hours while maintaining consistent progress and alignment.
• Compliance Framework Alignment. Squiz needed to maintain their existing ISO 27001 certification while implementing SOC 2 controls. This required careful alignment between the two frameworks to ensure that new controls complement existing ones without disrupting current compliance measures. The team needed a harmonised approach that satisfied both standards while optimising efficiency.
• Technology Integration. Integrating the Vanta compliance platform into Squiz’s existing toolset – including AWS services, Jira for project management, Git for version control, and Confluence for documentation – required careful planning and extensive training to ensure team members could effectively use these tools in their daily workflows without disrupting ongoing operations.

xComply: DNX’s Unique Approach to Compliance

To help Squiz achieve SOC 2 Type 1 certification within three months, DNX Solutions delivered xComply – our unique compliance solution that brings together DNX’s expertise, Vanta’s automation platform, and AssuranceLab’s audit capabilities. xComply is built for agility and reusability, allowing us to speed up projects by leveraging proven templates, frameworks, and best practices from previous engagements. This reduces manual effort, lowers costs, and enables scalability for future compliance initiatives. DNX’s approach is not a one-size-fits-all solution – it’s flexible, evolving with the project to meet specific needs, budgets, and timelines.

Phased Approach

DNX Solutions applies a project-based, phased approach to every compliance engagement, ensuring continuous delivery of measurable value throughout the process. Rather than waiting for the final milestone, our method breaks the compliance journey into manageable stages, aligning progress with immediate business priorities. This ensures the process is not only efficient but adaptable, accounting for budget constraints and any changes that may arise during the project.

Training Workshops for Knowledge Transfer

True to our core value of empowering clients through knowledge transfer, DNX conducted hands-on workshops with Squiz’s internal teams, ensuring they were equipped to manage the compliance environment post-project. We don’t just implement solutions and walk away – we enable teams to confidently use the tools and processes we’ve put in place. By training Squiz’s engineers on the Vanta platform and guiding them on interpreting compliance data, we ensured the organisation was ready to take ownership of future compliance efforts, fostering long-term success.

Direct Communication

DNX established and managed direct communication channels between Squiz, Vanta, and AssuranceLab, creating an environment of agility and transparency. Real-time problem-solving, feedback loops, and ongoing check-ins accelerated progress and allowed for immediate resolution of any roadblocks. This collaborative rhythm was key to maintaining project momentum and aligning all stakeholders.

Automated Compliance Process with Vanta

Vanta’s platform played a crucial role in automating the compliance process, reducing the time required to achieve SOC 2 Type 1 certification by approximately 50%. Its automation capabilities allowed continuous monitoring and evidence collection, significantly streamlining the audit preparation phase.

External Validation for SOC 2 Certification by AssuranceLab

AssuranceLab served as the audit partner, providing external validation of the remediation work completed by DNX Solutions and Squiz. Their involvement ensured all compliance measures met the rigorous SOC 2 Type 1 certification standards.

Accelerated Success: Measurable Outcomes of Squiz’s SOC 2 Journey

The xComply solution, developed and delivered by DNX Solutions, drove significant results for Squiz, transforming their approach to security and compliance. More than just a certification project, xComply established a scalable and sustainable compliance framework that will continue to support Squiz’s growth and security posture long after project completion.

Acting as the central point of contact, DNX orchestrated the entire process, streamlining communication and coordination between Vanta, AssuranceLab, and Squiz’s internal teams. This single point of accountability simplified the project for Squiz, reducing the complexity that often comes with managing multiple vendors. By having DNX lead and conduct every stage of the project, Squiz benefited from faster decision-making, efficient workflows, and seamless collaboration – minimising disruptions and accelerating the path to compliance.

• Accelerated Timeline

The team completed the SOC 2 Type 1 certification process in just 90 days — half the typical six-month timeline. This rapid execution allowed Squiz to immediately begin their audit process, meeting urgent business demands without compromising thoroughness.

• Significant Cost Efficiency

Through the strategic use of automation and DNX Solutions’ streamlined methodology, Squiz realised substantial cost savings between $100,000 and $150,000. These savings didn’t just represent avoided expenses – they freed up capital that Squiz could reinvest into innovation, product development, and other growth areas. The reduced reliance on manual effort and optimised use of resources ensured Squiz could scale their compliance efforts efficiently while maintaining their focus on core business objectives.

• Enhanced Security Infrastructure

The project delivered benefits beyond certification alone. Squiz’s AWS infrastructure underwent comprehensive improvements, aligning with both SOC 2 requirements and AWS security best practices. This enhancement strengthened their overall security posture while establishing a robust foundation for future compliance initiatives.

• Operational Efficiency

By leveraging Vanta’s automation capabilities, the team achieved a 50% reduction in time spent on compliance-related tasks. The automated evidence collection and monitoring systems streamlined traditionally time-consuming processes, particularly in the critical audit preparation phase.

• Validated Compliance Framework

AssuranceLab’s thorough external validation confirmed that all compliance measures met and exceeded SOC 2 certification standards. This independent verification ensured the robustness of the implemented controls and processes.

• Long-Term Impact

The project’s success extended beyond immediate certification. Squiz emerged with enhanced capabilities for managing their security and compliance programs independently. The implemented tools, processes, and knowledge transfer established during the project created a sustainable framework for maintaining and improving their security posture over time.

Key Success Factors

• Automated Tooling: The integration of Vanta for continuous compliance monitoring, implementation of Plerion for security scanning, and utilisation of existing AWS security services significantly reduced manual efforts and streamlined the process.
• Clear Communication: Regular bi-weekly status meetings, dedicated Slack channels, and consistent executive updates kept all stakeholders aligned, improving project efficiency and ensuring no bottlenecks.
• Leveraging Existing Controls: DNX Solutions built upon Squiz’s existing ISO 27001 framework, utilising established security policies, procedures, and adapted monitoring systems to expedite the process.
• Expert Collaboration: DNX’s AWS and security expertise, AssuranceLab’s compliance guidance, and Squiz’s strong technical foundation created a solid partnership, ensuring a smooth and successful certification process.

Squiz: Achieving SOC 2 Certification in Record Time with xComply

The successful completion of the SOC 2 Type 1 certification for Squiz showcases the power of expert consultancy from DNX Solutions, advanced automation tools like Vanta, and the audit expertise of AssuranceLab. This collaboration not only accelerated the compliance process but also set a new benchmark for future projects within the organisations.

Looking forward, Squiz is now better positioned for a streamlined path to SOC 2 Type 2 certification, enhanced market competitiveness, improved customer trust, and stronger security practices. The project has also paved the way for more efficient compliance processes moving forward. This case study highlights how strategic collaboration, automation, and clear communication can expedite compliance initiatives while maintaining high standards of security and quality.