Meet Mick England: The DPO that Led Robin’s SOC 2 & ISO 27001 Compliance

Brianna

27 Feb 2023

Meet Mick England, the Data Protection Officer and Trust Champion at Robin.

Out of his 29 years of cloud and security experience, Mick has been with Robin for 6, leading their internal compliance operations and making sure that their customers’ data is secure.

Robin needed to get SOC 2. They also wanted a way to answer security questionnaires faster. Continue on to see how Mick was able to accomplish both.


What is a Trust Champion?

A Trust Champion is the person who helps their organization measure and meet its internal compliance obligations. Their actions support revenue generating activities, protect their organization from legal and contractual liabilities, and enable the organization to confidently and transparently showcase an intentional, robust, and differentiated culture of trust.

Robin’s Story

… began in 2014 when they created their conference room scheduling app. Since then, they’ve established themselves as the hybrid workplace company, and continue to empower people to do their best work by building tech solutions that fuel a flexible and vibrant workplace. 

Although the COVID-19 pandemic caused a major disconnect for companies everywhere, Robin’s platform redefined work and community building for those seeking a hybrid workplace. Their mission was to empower people to do great work and foster a sense of community regardless of their location, and that’s exactly what they did.

Today, Robin’s platform can be used by customers to handle various aspects of desk booking, room reservations, and guest management. 

How Robin Stands Out

Robin is a force to be reckoned with. They’ve been featured alongside some big names, like Forbes, the New York Times, and The Wall Street Journal, to name a few. Some of their customers include companies like Samsung and Twitter, and more recently, they closed on a $30M Series C round. Need we say more?

How has Robin been able to achieve so much success? The question can be answered with one simple word: Trust.

The team at Robin understood how crucial trust was in any relationship, which prompted them to take various measures to continuously earn customer trust. An example of this was how they chose to pursue ISO 27001 and SOC 2 compliance, simply because they believed in protecting customer information, and were committed to operational excellence. When asked to give their thoughts on the matter, Robin said that the “safety and security of customers’ data should never be a question in your decision processes, but instead the baseline expectation for all solution providers.”

Robin achieved their ISO 27001 certification back in March 2020, which proved that they had an operational Information Security Management System in place. Robin felt that going forward, having both SOC 2 and ISO 27001 certifications would help earn the trust of their customers at both the national and international levels. 

“At Robin, we take data protection and security controls very seriously. Thousands of customers trust us with information about their workplace on a daily basis and we want to ensure we are doing everything we can to protect their information” – Brian Muse, CTO at Robin

How TrustCloud helped Robin

Achieving these highly coveted certifications was no easy feat. Robin needed to ensure that the approach they took towards compliance was as proactive as possible. Many companies become stagnant after achieving compliance, but Robin needed a program that aligned with their business objectives and commitment to customers. Being able to define and implement controls that would make Robin as secure as possible was most important. 

TrustCloud provided a central repository for Robin’s security controls, policies, and evidence. This laid out the process in a way that made it easy to review. The controls were measured using automated tests against the numerous systems they used. TrustCloud automated testing and evidence collection from systems such as Amazon Web Services, Google, KnowBe4, GitHub, and Datadog. Automated testing of systems in Robin’s AWS account proved that they adhered to the controls they adopted, such as privileged access, user management, and encryption.

To see how Robin goes above and beyond, click here to see their TrustShare page. 

TrustCloud helped Robin achieve SOC 2 and ISO 27001 compliance in weeks instead of months. Robin utilized the TrustShare tool via the TrustCloud platform, which allowed them to securely share their compliance program and made it visible to their customers and prospects. Brian Muse, CTO at Robin, said, “From early days, Robin has believed in being as transparent as possible regarding our security efforts. TrustCloud gives us the ability to house and seamlessly share our documentation with customers and prospects.”

Thanks to Mick, Robin was able to turn their words into actions. 

Best Practices

When asked what recommendations they had for other companies pursuing SOC 2 or ISO 27001 compliance, Robin said organizations should:

  • Ensure that executive support for the compliance program is communicated throughout the company.
  • Identify a trusted partner that can guide you through the certification process.
  • Gather the necessary resources within your organization.
  • Ensure you have a communication plan once the certification is granted. 

Are You Our Next Trust Champion?

If you’re the Trust Champion of your organization but have yet to streamline your processes, have no fear because TrustCloud is here. 

Schedule a demo today, and we’ll make your compliance journey joyful.