How Tugboat Helped XOi Generate $6,000,000 in Revenue, Save $150,000 a Year, and Achieve ISO 27001 Compliance

“When we came across Tugboat, I was like, ‘Man, this is exactly what I’m looking for!’ And the more I used it, the more excited I got about it. I’ve literally never, ever been excited about compliance before.”
– Adam Jaggers, CTO of XOi Technologies

Challenges

Scaling security and operationalizing compliance.

XOi has done a stellar job solving manufacturing and facility service companies’ communication problems. Customers “love the transparency” that XOi’s platform (an all-in-one mobile app, knowledge base, and live remote collaboration tool) provides for them.

So, it’s no surprise XOi’s “been on a rocket ship”: according to Adam Jaggers, CTO of XOi, they’ve doubled revenue every three quarters for the last two years.

But, to paraphrase the uncle of a friendly neighborhood spider-themed cosplayer, with great growth comes great growing pains.

According to Adam, “We couldn’t go up-market. We built credibility in the last few years, but now we’re really building enterprise-grade momentum and finding that you can’t play in the enterprise space until you’re really mature.”

Adam added, “We’re extremely secure and extremely cautious. And, we’ve been doing all the right things. But, there’s a difference between doing all the right things and proving that you’re doing the right thing.

“It’s really easy to trust everyone on a small development team of 15 because everyone knows the right thing to do. But when you scale that out to 50 to 100 people, it’s hard to educate. Consistency and your processes and procedures definitely get a lot more difficult.”

As part of building that enterprise-grade credibility and security, Adam and his team decided they needed to become GDPR and ISO 27001 compliant. They “had already dealt with a handful of consulting firms and even used one for GDPR compliance.”

“And some of this stuff is pretty dry, but I’m really excited about the platform. The more I use it, the more I’m just a fan boy. We didn’t really find a competing product or technology that approached the problem in the same way that you guys do for me with the built-in expertise.”
– Adam Jaggers, CTO of XOi Technologies

Solution

Scaling security and operationalizing compliance.

Despite their price tag, Adam acknowledged that the firm they hired to help with GDPR compliance was “really super.”

“They had a ton of expertise and helped educate us.” But, “we knew that we couldn’t do the same thing again: we either had to hire someone or we had to figure out a different way to build a program that we could actually manage. And as a SaaS / technology guy myself, we looked for technology that could help with this.”

Adam and his team “looked at a ton of more consulting firms.” And when they came across Tugboat Logic, Adam thought, “‘Man, this is exactly what I’m looking for!’ And the more I used Tugboat, the more excited I got about it. And, I’ve literally never, ever been excited about compliance before.”

Adam goes on, “And some of this stuff is pretty dry, but I’m really excited about the platform and the more I use it, the more I’m just a fan boy. We didn’t really find a competing product or technology that approached the problem in the same way that you guys do for me with the built-in expertise.”

Over the course of their research, Adam and his team were impressed by the Tugboat platform, a “compliance platform that has built-in and continuously updated policies and procedures” with “all the things that you would want it to do around” leveraging the GDPR work they’ve done towards getting ISO 27001 certified.

And best of all, the Tugboat platform and team put to rest one of Adam’s biggest worries: lack of redundancy and knowledge of the intimate details of XOi’s security program (he’s the “only person who has [compliance] expertise” on his team).

“Being able to achieve ISO compliance with Tugboat unlocked $6,000,000 in pipeline revenue for us. That’s only just a few clients, but those were clients we literally could not have landed without the Tugboat platform.”
– Adam Jaggers, CTO of XOi Technologies

Results

Achieving ISO 27001 compliance and unlocking $6,000,000 in revenue.

Since adopting the Tugboat platform, Adam’s been able to get complete peace of mind. As he puts it:

“If I get hit by a bus, nobody else knows how the program works, right? With Tugboat, I can operationalize it. I can just assign tasks. And then, you only have to know what you have to know. My Director of DevOps doesn’t have to have deep knowledge of every single policy, but the things that are assigned to him and the evidence tasks that are assigned to him, it’s really easy and intuitive for him to go in and find out how to do the things that he needs to do – and that’s all he needs to be concerned with.”

And, he and his team have been able to make faster-than-expected progress “in about six months” on their ISO 27001 certification.

As he pointed out, 27001 is “in a lot of ways more complicated [than GDPR] and has more impacts on our business because it’s not just about data.” And according to Adam, “we know how we’re going to maintain that program. Going forward, it’s not going to cost us $150,000 every year.”

Adam continues, “We literally could not have achieved – and we’re not done yet – but we literally could not have possibly achieved ISO 27001 without Tugboat. We just didn’t have the resources or the expertise, and we couldn’t go spend another $150,000 in a consulting firm. It wasn’t viable for us.”

Try Tugboat, Get SOC 2 Socks

Tugboat Logic takes the misery and mystery out of passing security audits like SOC 2 and ISO 27001 so you can slay more deals and stay secure. From start-ups like XOi to Fortune 500 companies like Schneider Electric, we’ve got your back like chiroprac.

Check out the PDF version of XOi’s case study.

And to take the suck out of SOC 2 and get those SOC 2 socks, schedule time to see the platform in action, or create a trial account to get started on your SOC 2 (or any other) certification. Note that your trial account is exactly the same thing that our customers use, so what you see is what you get.
