Product Habits - I had this nagging feeling

After building software for 16 years, I’ve learned to listen to my gut when it comes to selling SaaS products.

Early on during our pivot to Nira, I had this nagging feeling.

In order to sell SaaS products in today’s environment, we would need to address any and all security concerns that our potential customers had. I believed that by embedding a security mindset into our business as early as possible, it would help potential customers buy and adopt our product faster. 

It was during a leadership team meeting with my co-founder and our CTO - and I knew Marie and Steve weren’t expecting this from me - but I blurted out “We need to get our SOC 2 asap.”

We were already stretched thin, trying to build our real-time document access control product as fast as possible to meet customer demand. Marie and Steve naturally looked at me as if I was crazy. How were we going to carve out time and resources to do this too?

It’s more necessary than ever to make sure that your customer feels extremely comfortable about your security and compliance practices.

I knew in my bones that this was true, but I had to take the team on the journey with me.

Bottom-up SaaS adoption has caused IT to require companies to prove that their security practices are adequate to protect customer data. Tools used to spread easily throughout the org if users wanted them. Tons of unicorns have been built on that land and expand model.

But a shift has happened. IT now has more power to dictate the tools that people use. 

Every SaaS product, if it’s going to scale to a single department or up to a whole company, or if they are going to store company data, needs to make the IT and security departments at their customer’s companies happy. Or else they won’t buy the tool.

Every company that sells to other companies has to take security and compliance extremely seriously at this point. Cybersecurity is no longer an afterthought or a nice-to-have. Security is becoming every single person’s responsibility in the company to help. Even the smallest customers care now.

I was able to get Marie and Steve on board with getting our SOC 2 Type 2 as early as possible. And now, the three of us are super aligned on the absolute importance of security and compliance.

It’s not just about being enterprise ready. It’s about being security-minded as a company and making sure it’s woven into the fabric of the company’s DNA.

If you’re considering getting any compliance certifications, like SOC 2, ISO, or HIPAA, here are a few triggers that should help you know when it’s the right time:
  • Your customer cares about security and compliance. It could be because of their size, the buyer you’re selling to (i.e. IT, legal, security), the industry the company is in, or their customers’ requirements.
  • You are confident that you’ll be selling to customers that need these certifications in the near future.
  • You’re already being turned down by potential customers because you don’t have your SOC 2 (or another certification).
  • You are building a company in the security or compliance space.
  • Your company started and grew before SOC 2 existed and you’re now playing catch-up to make sure customers don’t churn.
In the coming weeks, I’ll be diving deep into how we’ve developed a security mindset at Nira by getting our SOC 2 Type 2 certification and more.

Hit reply if you’ve got questions or comments about security and compliance, I’ll make sure your questions get answered.

Take care,

Hiten











Copyright © 2021 Up Advisors, LLC., All rights reserved.
You received this email because you signed up to get emails from Product Habits.

Our mailing address is:
Up Advisors, LLC.
13337 South St. #269
Cerritos, California 90623

Add us to your address book


Want to change how you receive these emails?
You can update your preferences or unsubscribe from this list

Older messages

What COVID changed about hiring

Monday, June 21, 2021

So much changed during COVID—including how tech companies hire. Here's a peek into what changed at Facebook. Hiten's Pick A Project of One's Own I enjoyed Paul Graham's latest essay

Marie’s AMA was 🔥

Thursday, June 17, 2021

The most upvoted question was from Walter Chen, a founder of Sacra... The most upvoted question was from Walter Chen, a founder of Sacra: “one problem i encounter is getting really excited about an

How people discover new products

Monday, June 14, 2021

Beyond obvious ways to grow, like social media ads and SEO, here's what you should be doing to build product awareness. Hiten's Pick Lessons Learned Working With Zuckerberg for 13 Years Dan

Ask my co-founder anything

Wednesday, June 9, 2021

Marie is doing an AMA on Product Hunt and will be answering your questions tomorrow... Marie is doing an AMA on Product Hunt and will be answering your questions tomorrow. Ask Marie anything. Seriously

Nira is live

Tuesday, June 8, 2021

Because you've been on the journey with us, I wanted to share all the details about my new product with you first... Our new website is live! FYI is now Nira. Because you've been on the journey

You Might Also Like

ASP.NET Core News - 03/29/2024

Friday, March 29, 2024

View this email in your browser Get ready for this weeks best blog posts about ASP.NET Core! This newsletter is sponsored by elmah.io - the most advanced, yet so simple to set up, error logging and

New Linux Bug Could Lead to User Password Leaks and Clipboard Hijacking

Friday, March 29, 2024

THN Daily Updates Newsletter cover Refactoring in Java ($36.99 Value) FREE for a Limited Time Refactoring in Java serves as an indispensable guide to enhancing your codebase's quality and

Post from Syncfusion Blogs on 03/29/2024

Friday, March 29, 2024

New blogs from Syncfusion Introducing the New .NET MAUI Chat Control By Piruthiviraj Malaimelraj This blog explains the features of the new Syncfusion .NET MAUI Chat control added in the 2024 Volume 1

Re: Last Chance

Friday, March 29, 2024

Dear there, By this time tomorrow, your exclusive new subscriber discount will be gone and you'll have to pay twice as much to join Insider and master everything your iPhone has to offer. If, like

Hacker Newsletter #694

Friday, March 29, 2024

Always forgive your enemies - nothing annoys them so much. //Oscar Wilde hackernewsletter Issue #694 // 2024-03-29 // View in your browser Happy Easter if you celebrate it! Heads up - we're taking

Apple RCS 📱, SBF's 25 year sentence 👮, Linux Foundation's Redis fork 👨‍💻

Friday, March 29, 2024

RCS is coming to the iPhone in the fall of 2024 Sign Up|Advertise|View Online TLDR Together With Veracode TLDR 2024-03-29 Build fast, build secure (Sponsor) Software is drowning in security debt.

Data Science Weekly - Issue 540

Friday, March 29, 2024

Curated news, articles and jobs related to Data Science, AI, & Machine Learning ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏

This Week in Rust #540

Friday, March 29, 2024

Email isn't displaying correctly? Read this e-mail on the Web This Week in Rust issue 540 — 27 MAR 2024 Hello and welcome to another issue of This Week in Rust! Rust is a programming language

The Value Of A Promise 🤞

Friday, March 29, 2024

How much is a promise from a tech company really worth, anyway? Here's a version for your browser. Hunting for the end of the long tail • March 28, 2024 The Value Of A Promise When you hear a

New Elastic Security for SIEM Training Course

Friday, March 29, 2024

Detect and respond to evolving threats ㅤㅤㅤㅤㅤㅤㅤㅤㅤㅤㅤㅤㅤㅤㅤㅤㅤㅤㅤㅤㅤㅤㅤㅤㅤㅤ ㅤㅤㅤㅤㅤㅤㅤㅤㅤㅤㅤㅤㅤㅤㅤㅤㅤㅤㅤㅤㅤㅤㅤㅤㅤㅤ ㅤㅤㅤㅤㅤㅤㅤㅤㅤㅤㅤㅤㅤㅤㅤㅤㅤㅤㅤㅤㅤㅤㅤㅤㅤㅤ elastic | Search. Observe. Protect Detect anomalies and malicious behavior March