One of the major frustrations we noticed in our customers is due to the amount of time spent fielding the same questions repeatedly in the form of security questionnaires, security certifications, and report requests. This increases the timeline for deal closures with customers and partners alike. Moreover, this also takes away precious time from engineering teams which otherwise would be better spent on what matters most – building a user-centric product.
As a user-centric company ourselves, we directed our efforts to address this very problem – to build a product focused on building trust in our customers with their ecosystem.
We are thrilled to introduce Trust Vault, Powered by Scrut Automation, a disruptive tool for building trust with prospective customers and partners.
Trust Vault is a single window to streamline certification and report requests, demonstrate security protocols, build real-time transparency into your security and compliance postures, and keep your customers informed with your latest subprocessors.
What is Trust Vault?
Trust Vault allows you to publicly showcase your real-time security posture on your website. Trust Vault helps you emphasize the message that you take information security seriously by unleashing the power of Scrut Automation’s continuous control monitoring.
Trust Vault integrates seamlessly with your website and showcases your certifications and attestations, such as ISO 27001, SOC 2, PCI DSS, and HIPAA, often requested by customers and partners alike. With Trust Vault, your security, sales, and marketing can manage your security reports in one place and provide hassle-free access to prospective customers and partners. Trust Vault allows you to build trust with your ecosystem by demonstrating your commitment to security and transparency.
How can Trust Vault help my business?
Trust Vault streamlines the requests for your security and compliance protocols through public display of information security-related certifications, reports, and attestations, coupled with gated NDA-backed access to detailed reports. The Trust Vault page will always be updated with your latest proofs, backed by underlying smart GRC platform. It enables you to showcase your daily compliance and security measures to external and internal stakeholders.
But most importantly, Trust Vault builds customer trust through a real-time view into your organization’s security and compliance posture, reduces time spent on security reviews, and accelerates your sales cycles
What does the Trust Vault include?
Seamless integration with your website
The Trust Vault can integrate directly with your website and be customized to match your brand and visual identity. Trust Vault allows you to modify the page with the information you want to display, including your logo, description, key points of contact, certifications, assessment reports, and security controls.
All certificates, attestations, and reports that you wish to share will be displayed on your Trust Vault page, including SOC 2, ISO 27001, HIPAA, PCI DSS, and more. A customer or partner can go to the page and request any of these documents at one single location.
NDA-backed gated access
While anyone visiting the Trust Vault page of your website can see the security certifications, attestations, and reports you have, you can restrict access to detailed reports through NDA-backed gated access. A prospective customer or partner can request any of these reports after signing the Non-Disclosure Agreement (NDA). The Trust Vault administrator will receive the request and can decide to approve or deny it. On approving the request, the requester will receive an email with the requested document and the signed NDA.
The Trust Vault page displays the security controls and their status, directly integrated with continuous monitoring through Scrut Automation’s platform. You can customize which controls you wish to showcase. These controls will show the real-time status from the underlying smart GRC platform, removing the effort of manual updates.
Security policies and reports
Trust Vault also acts as the central location to access security reports, such as penetration tests or vulnerability assessments. You can also choose to showcase essential security policies, programs, and protocols that you follow to keep your data safe within your Trust Vault page.
Transparency with respect to your sub-processors, their purpose, and data location reassures customers and partners that you are holistically thinking about information security. Trust Vault automatically pulls your subprocessors from vendors maintained on the smart GRC platform, reducing further manual effort in managing the list of sub-processors.
Searchable security database
Trust Vault automatically builds and updates a searchable knowledge database, from all the completed questionnaires and reports, enabling anyone, whether it be from the security, engineering, marketing, or sales team, to answer security questions from customers and partners with complete accuracy.
Trust Vault, powered by Scrut Automation, is a way to demonstrate your commitment to developing trust-based relationships with your ecosystem.
Scrut Automation is an innovative and radically simple governance, risk, and compliance automation platform for growing startups and mid-market enterprises. With Scrut, compliance teams can reduce ~70% of their manual effort in continuously maintaining compliance towards SOC 2, ISO 27001, GDPR, PCI DSS, HIPAA, and CCPA. Schedule your demo today to see how it works.