- Industry: Customer Support CX (Customer Experience)
- Services and Frameworks: vCISO, SOC 2, ISO 27001 Compliance Readiness, Continuous Monitoring
The Company: Conversational AI for next-gen customer experiences
Solvvy is a next-gen chatbot platform founded with the mission to reduce the level of human effort within the support industry—reinventing the customer experience for a more valuable and satisfying support environment. Solvvy serves between the end user and their client’s support team. They help answer any questions that the end users may have, reducing the dependency on human intervention.
As of May 2022, Solvvy reached a notable milestone and was acquired by Zoom. Together they will continue to redefine and elevate customer experiences across the globe for enterprises within a variety of industries.
The Challenge: Emphasizing security while scaling
A primary challenge for chatbot platforms is the end user’s ability to freely type within a provided text field. When someone shares personal or sensitive information, Solvvy must have clear policies, processes, and procedures in place to protect end user data. Clients wanted to ensure all of these requirements and standards
were being addressed to build confidence in their decision to use Solvvy’s technology. Each client had their own unique needs, concerns, security questionnaires, and more—which impacted the sales and decision making process.
As they continued to scale to mid-market clients, there was a clear need to put security standards at the forefront of their efforts. Solvvy’s goal was to have an educated security presence, with a more defined security team of subject matter experts who can recognize issues, questions, and concerns from clients, and respond with proper policies and documentation quickly and efficiently.
The Solution: Industry-leading security and compliance capabilities
Solvvy required a dedicated cybersecurity team to assist them with obtaining their certifications and becoming compliant with various frameworks, while also being a resource for new and existing business, plus continuous compliance monitoring. Rhymetec’s vCISO Services addresses ongoing security efforts and questionnaires with clients, and provides team training on secure development practices. This improves their overall security awareness and software development lifecycle by embedding a security focused mindset. Plus, utilizing Rhymetec as Solvyy’s dedicated cybersecurity team reinforces their standards with security and data privacy, building trust with clients and helping them prepare for new phases of growth.
Vanta’s platform achieves ongoing maintenance and management of compliance, while enabling Solvvy to export reports at any time. Solvvy maintains compliance with SOC 2 and ISO 27001, continuously observes their security posture, and is able to provide the necessary security documentation with ease throughout the acquisition process. Throughout their engagement, Rhymetec has utilized Vanta as the source of truth for compliance, which allowed Solvvy to comfortably sell to mid-market clients.
The Results: Foundational security, an accelerated sales cycle and increased trust
With Rhymetec and Vanta, Solvvy has created a more security focused approach to internal processes, and are able to maintain security standards with multiple cybersecurity and data privacy frameworks. With a strong security posture in place, Solvvy can continuously monitor for any compliance gaps and are armed with the tools and security expertise if any happen to arise.
With solid security measures in place and the ability to transparently share policies and procedures, the teams are able to improve client engagement and sales processes. Moreover, they can be proactive in preparation for security questions throughout phases of growth. This, in turn, helps to close deals faster by getting ahead of security conversations with proof of a dedicated security team through Rhymetec, and having a source of truth for compliance with Vanta.
“Being a smaller startup, we take security very seriously, and have always had the policies in place to ensure we are protecting our clients and end users. During the acquisition, we had to send a variety of documentation… being able to export anything from Vanta at any time allowed us to get ahead of the conversation. Also with the overall responsibilities that are handled by the Rhymetec team—security processes, questionnaires, taking calls with clients—credibility helps.”
Prasad Kamthekar, Lead