Fable Tech Labs Inc. (“Fable”) connects digital teams to people with disabilities for the purpose of research and accessibility testing. Its platform enables an equitable exchange where businesses can benefit from the experiences of people with disabilities to build more inclusive products and people with disabilities can earn a source of income for their time and expertise. 

Fable empowers some of the biggest Fortune 500 companies, including Slack, Shopify, and Walmart. The company wanted to get SOC 2 Type 2 compliance to provide their enterprise customers with an enterprise information security program.

Highlights

Challenges

• Maintain an InfoSec program without security expertise
• Meet and exceed the security needs of the company's Fortune 500 customers

Solutions

• A single source of truth for all InfoSec program documentation
• A tool that integrates with the company’s team and reduces lift

Results

• Simplified process to get and maintain compliance
• A hub for managing policies, onboarding and offboarding, and collecting evidence 
• Confidence and transparency when talking to customers

Get a SOC 2 Type 2 audit and maintain an InfoSec program without security expertise

Fable was looking to level-up their security posture to meet and exceed the security needs of their Fortune 500 customers.

Naturally, there were concerns the company wouldn’t have the bandwidth or resources to commit to a full SOC 2 project. They needed a tool that would integrate with the team and reduce lift.

A company that sells to enterprise companies, Fable was also overwhelmed by security questionnaires. 

According to Abid Virani, the COO at Fable: "Every time we had to fill out a new security questionnaire, it felt like we were starting from scratch." 

The company wanted to increase efficiency during the tech due diligence process, so they could spend more time building relationships and less time processing paperwork. 

A single source of truth for information security

Fable now has what Virano calls a single source of truth for all their information security program documentation.

They can easily manage policies, from assigning policy reviewers to versioning. Instant reminders enable them to stay on top of all their security and compliance tasks, which means they can confidently share their program with customers when needed.

By automating security questionnaires and relying on the platform to surface the right answers, Fable’s account executives can cultivate stronger relationships with customers, pursue more opportunities, and increase sales output. 

An information security program to be proud of

As of May 6, 2021, Fable is officially SOC 2 Type 2 compliant. Thanks to the team’s hard work, commitment to information security, and help from a dedicated platform, the process was painless. 

After the audit process, Fable noted two significant benefits. First, software simplified the process getting and maintaining compliance, which is important, as Fable intends on staying SOC 2 compliant over the long-term.

Second, the team now has a single source of truth for their entire information security program. Ongoing management of access policies, onboarding and offboarding, evidence collection tasks and policies is now easy for the team. 

Virani is already looking to the future for ways to scale his program and continue offering his customers best-in-class security.

Furthermore, these two benefits have given the team confidence. "When we talk to companies like Walmart or Shopify, they need to know our systems are secure. The platform allows us to talk to customers with confidence and provide them with complete transparency," said Virani. “We’re happy to show customers what’s under the hood because we’re proud of what they’ll find.”

When a company invests in its information security off the bat the way Fable has, it becomes easier to maintain and scale. Today, Fable can provide its customers with a high level of security assurance and prove that when it comes to cybersecurity, it doesn’t just talk the talk.