BigSpring stands out not only for its innovative approach but also for its unwavering commitment to data security and trust. Recognizing the increasing importance of safeguarding sensitive information, BigSpring embarked on the journey to achieve SOC 2 Type 2 compliance. This rigorous certification, developed by the American Institute of CPAs (AICPA), evaluates how well a company manages and protects data across five key trust principles: security, availability, processing integrity, confidentiality, and privacy.
For BigSpring, the decision to pursue SOC 2 compliance was more than a strategic move; it was a testament to their dedication to providing clients with confidence in their data handling practices. By partnering with TrustCloud, BigSpring streamlined the compliance process, ensuring that their internal controls met the stringent requirements set forth by the AICPA. This proactive approach not only fortified their security posture but also enhanced their credibility in the eyes of clients and partners.
Meet the trust champions of BigSpring
What is a Trust Champion?
A Trust Champion is the person who helps their organization measure and meet its internal compliance obligations. Their actions support revenue-generating activities, protect their organization from legal and contractual liabilities, and enable the organization to confidently and transparently showcase an intentional, robust, and differentiated culture of trust.
Arun Nagarajan, co-founder & CTO, has led the compliance journey at BigSpring. Previously, Arun was the Director of Engineering at Uber; before that, he was a tech lead at Google.
Yin Yin, Director of Operations, was a founding member, COO, and Head of Customer Success at Uniply (formerly known as COMPAS), where she led the team in building global expansion software for B2B startups.
Rajesh Ghosh, Head of Engineering, assisted with all aspects of the technical side of the compliance process.
Dharsan Viswanathan, Data Engineer, has a vast knowledge of data engineering, which includes Cloudera, AWS, Machine Learning, and data mining.
Gabriel Brunacci, Software Engineer, oversaw many backend functions of the compliance process.
Together, their strong expertise and varying experiences make for the ultimate compliance team.
BigSpring’s story
In 2018, Bhakti Vithalani, Founder & CEO, was on a mission to create a platform that could provide a direct path to progress for everyone. BigSpring is an AI-powered SaaS work readiness platform that gets people job-ready, not test-ready. The platform creates work-ready talent at a pace that matches rapidly evolving market needs.
BigSpring does this with a learn-by-doing model. Users learn new skills through bite-sized content created by their peers and co-workers. Then users record themselves demonstrating what they’ve learned. This creates a channel for feedback and coaching at scale. Big Spring users say it’s ‘TikTok for work.’
To see how BigSpring works, click here.
How BigSpring stands out
The World Economic Forum selected BigSpring as a Technology Pioneer in 2020, which is a pretty huge feat, especially when looking at past recipients of this prestigious award: Google, Twitter, Airbnb, and Palantir. BigSpring’s reach extends globally to over a million learners with customers such as Google, Facebook, Uber, Samsung, AXA Insurance, Sotheby’s, Tata Group, and others.
It’s evident that BigSpring has become one of the most game-changing and innovative platforms out there, but what makes them so successful? The answer is simple: their desire to help people become the best version of themselves.
To do this, the BigSpring team knew they’d also have to practice what they preach with their internal operations. If they wanted their users to learn and implement best practices, so would they.
BigSpring’s joyfully crafted compliance experience
BigSpring’s readiness platform is relevant to many companies that handle sensitive data and have stringent requirements for their SaaS (software as a service) partners. They decided to pursue SOC 2 to assure their clients and prospects that their security measures exceeded the global gold standard, accelerating commercial efforts.
The journey wasn’t easy, though. One challenge they faced was getting all their team members to stay organized and up-to-date on where they stood for each control. On top of that, none of the team had ever really led an SOC 2 process previously, so another issue was determining what constituted compliance for a particular control. This also meant figuring out what level of detail was required for the evidence. Due to the strict nature of audits, they needed to ensure steady progress during the months of preparation.
“The TrustCloud Platform became our single source of truth for all things SOC 2, where every team member could check on progress and submit the information that they were responsible for.”
BigSpring accelerated their auditing process to completion using TrustCloud, a platform with “helpful hints and templates for controls.” In addition to using TrustCloud, they found that the TrustCloud team also helped them stay on track by providing practical guidance.
Thanks to Arun, Yin, Rajesh, Dharsan, and Gabriel, BigSpring and its users are now better equipped to reach their full potential.
Best practices
BigSpring’s SOC 2 journey offers a blueprint for organizations aiming to streamline compliance while fostering a culture of trust. One key best practice is assembling a cross-functional team that spans technical, operational, and business domains to ensure every control category is properly addressed.
Assigning dedicated team leads for both technical and operational areas keeps contributors organized, accountable, and motivated throughout the audit process. Equally important is communication: informing the wider organization about the purpose and requirements of SOC 2 early on ensures employees understand their roles, such as keeping laptops updated or submitting documentation on time.
Leveraging a centralized platform, like TrustCloud, to track progress, submit evidence, and access control templates further accelerates preparation and reduces confusion. By combining structured teamwork, clear leadership, proactive communication, and the right tools, organizations can make SOC 2 compliance not only achievable but also a seamless and confidence-building experience that strengthens trust internally and externally.
When asked what recommendations they had for other companies pursuing SOC 2 compliance, BigSpring said organizations should:
- Assemble a cross-functional team to cover all required categories.
- Assign a team lead for the technical areas and one for the operational areas, which can keep the rest of the contributors engaged and organized.
- Inform the rest of the organization about the importance of the effort at the start and give a heads-up about what is required of them, e.g., to ensure their laptops are up-to-date.
Want to become a trust champion for your organization?
Leading your organization’s compliance journey can feel overwhelming, especially when processes aren’t fully streamlined. But you don’t have to navigate it alone. TrustCloud is here to simplify, organize, and guide every step of your SOC 2 or compliance journey. With intuitive tools, helpful templates, and practical guidance, you can track progress, submit evidence, and stay on top of controls effortlessly.
Transform compliance from a stressful obligation into a confident, structured, and even joyful process.
Schedule a demo today, and we’ll make your compliance journey joyful.
