By clicking “Accept All Cookies”, you agree to the storing of cookies on your device to enhance site navigation, analyze site usage, and assist in our marketing efforts. View our Privacy Policy for more information.
Case Study
August 12, 2024

How Secureframe Accelerated Their Product Roadmap for Moving Upmarket

Discover how Secureframe, an all-in-one platform for integrated security compliance, used OneSchema to accelerate upmarket momentum and refocus their engineering resources back to their core product.

Sol Chen
Sol is the Chief of Staff at OneSchema.
“Often, data import is one of the first things customers do. If you receive error messages and have to go through a lengthy process with customer support during onboarding, your impression of us is negative before even getting to the core product. It’s such a critical point.”
Chintan Parikh
VP Engineering, Secureframe
“Shifting left on customer expectations is a significantly better experience, reducing loads on customer support teams and decreasing engineering friction.”
Reet Chowdhary
Software Engineer, Secureframe
“Even if we staffed a full-time engineer on this, it would not have been the level of good user experience that OneSchema provides.”
Reet Chowdhary
Software Engineer, Secureframe
“It just worked. I only had to explain the abstraction layer to other teams once and they were able to build their own validations.”
Reet Chowdhary
Software Engineer, Secureframe
“In hindsight, OneSchema really provided more value than we expected.”
Chintan Parikh
VP Engineering, Secureframe
Launch CSV import in minutes
Companies like Ramp, Toast, Scale AI, and Vanta trust OneSchema to provide a delightfully guided spreadsheet import experience for their customers.

Request a demo

Challenge

Secureframe helps thousands of companies build, maintain, and automate compliance procedures.  Traditionally, companies have used giant spreadsheets to track the end-to-end process complying with various frameworks, slowing down the audit process and increasing the likelihood of error. Secureframe simplifies compliance by automating risk assessments and monitoring third-party vendors’ compliance statuses. 

As Secureframe moved upmarket to serve enterprise customers, they needed to extend their powerful solution to the long tail of compliance frameworks specific to each of their customer’s needs. 

Companies typically store these framework requirements in spreadsheets. When Secureframe first expanded into these custom compliance requirements, the team used their internal CSV importer to upload the frameworks on behalf of their customers. However, the unique and complex data validation requirements for every use case quickly became a major bottleneck, drawing engineering bandwidth away from core product development. Because of this, they revamped the process completely with Custom Frameworks - a fully external facing workflow which would allow their customers to complete the upload themselves. 
{{quote-1}}

In switching over to Custom Frameworks, the CSV Import experience for Secureframe needed to become exceptionally intuitive to allow customers to self-serve without a support team member to guide them. Optimizing the UX for this import process became even more crucial when selling to upmarket companies with highly selective evaluation processes for their new tools. 

After initially doing the uploads in-house, the answer to the build vs. buy dilemma was obvious – they needed to purchase an enterprise-grade customer facing CSV Import solution.

Results

With OneSchema, Secureframe implemented a robust CSV import solution in less than a single day. 

OneSchema’s library of 50+ prebuilt validations made supporting the complex data in Custom Frameworks simple. Prior to OneSchema, spreadsheet imports for Secureframe’s internal CSV importer often failed at the database level, which meant extra engineering work to debug the issue as well as operational friction. Errors often also took the cryptic form of “import error on line 62.” - providing no information on how to resolve the issue. It was both frustrating for customers, who faced lengthy onboarding periods, and time-consuming for support teams, who would often have to triage these tickets to engineering. 

With features such as the Data Normalization Engine and Intelligent Mapping, Secureframe was able to shift left on customer expectations. Further, OneSchema’s 1-click mode automatically mapped and transformed uploaded files, reducing the burden on customers to sanitize and fix data in individual cells. 

{{quote-2}}

With actionable error messages, customers were able to identify and fix issues within their spreadsheets without having to create support tickets. Instead of hundreds of emails from customers about CSV imports, Secureframe has only received a few CSV Import related tickets in over 1 year after implementing OneSchema. 

With OneSchema, the Secureframe team was able to accelerate in closing enterprise contracts, get customers to the value of their product faster, and refocus their engineering efforts back to the core areas of their product. 

{{quote-3}}

Expansion

Secureframe originally engaged OneSchema for their Custom Frameworks product, but the team soon realized that CSV import was consistently a critical feature that helped differentiate them against competitors as they moved upmarket. Secureframe quickly expanded OneSchema’s embeddable guided spreadsheet into two additional product lines - Risks and Third-Party Risk Assessments (TPRM), both of which were traditionally managed through unruly Excel spreadsheets. 

One of the most significant improvements for Secureframe is also an underrated one. After integrating OneSchema, Secureframe’s product and engineering teams have increased their velocity by being able to launch streamlined import processes with little effort, without having to think about maintenance or technical debt afterwards. 

{{quote-4}}

Today, the team thinks of OneSchema as part of their infrastructure – something they can depend on as they continue to move upmarket and serve even larger enterprises. CSV imports are no longer a bottleneck on their growth and instead a key feature as they continue to help their customers automate compliance, improve security, and reduce risk. 

{{quote-5}}

{{blog-content-cta}}

Challenge

Secureframe helps thousands of companies build, maintain, and automate compliance procedures.  Traditionally, companies have used giant spreadsheets to track the end-to-end process complying with various frameworks, slowing down the audit process and increasing the likelihood of error. Secureframe simplifies compliance by automating risk assessments and monitoring third-party vendors’ compliance statuses. 

As Secureframe moved upmarket to serve enterprise customers, they needed to extend their powerful solution to the long tail of compliance frameworks specific to each of their customer’s needs. 

Companies typically store these framework requirements in spreadsheets. When Secureframe first expanded into these custom compliance requirements, the team used their internal CSV importer to upload the frameworks on behalf of their customers. However, the unique and complex data validation requirements for every use case quickly became a major bottleneck, drawing engineering bandwidth away from core product development. Because of this, they revamped the process completely with Custom Frameworks - a fully external facing workflow which would allow their customers to complete the upload themselves. 
{{quote-1}}

In switching over to Custom Frameworks, the CSV Import experience for Secureframe needed to become exceptionally intuitive to allow customers to self-serve without a support team member to guide them. Optimizing the UX for this import process became even more crucial when selling to upmarket companies with highly selective evaluation processes for their new tools. 

After initially doing the uploads in-house, the answer to the build vs. buy dilemma was obvious – they needed to purchase an enterprise-grade customer facing CSV Import solution.

Results

With OneSchema, Secureframe implemented a robust CSV import solution in less than a single day. 

OneSchema’s library of 50+ prebuilt validations made supporting the complex data in Custom Frameworks simple. Prior to OneSchema, spreadsheet imports for Secureframe’s internal CSV importer often failed at the database level, which meant extra engineering work to debug the issue as well as operational friction. Errors often also took the cryptic form of “import error on line 62.” - providing no information on how to resolve the issue. It was both frustrating for customers, who faced lengthy onboarding periods, and time-consuming for support teams, who would often have to triage these tickets to engineering. 

With features such as the Data Normalization Engine and Intelligent Mapping, Secureframe was able to shift left on customer expectations. Further, OneSchema’s 1-click mode automatically mapped and transformed uploaded files, reducing the burden on customers to sanitize and fix data in individual cells. 

{{quote-2}}

With actionable error messages, customers were able to identify and fix issues within their spreadsheets without having to create support tickets. Instead of hundreds of emails from customers about CSV imports, Secureframe has only received a few CSV Import related tickets in over 1 year after implementing OneSchema. 

With OneSchema, the Secureframe team was able to accelerate in closing enterprise contracts, get customers to the value of their product faster, and refocus their engineering efforts back to the core areas of their product. 

{{quote-3}}

Expansion

Secureframe originally engaged OneSchema for their Custom Frameworks product, but the team soon realized that CSV import was consistently a critical feature that helped differentiate them against competitors as they moved upmarket. Secureframe quickly expanded OneSchema’s embeddable guided spreadsheet into two additional product lines - Risks and Third-Party Risk Assessments (TPRM), both of which were traditionally managed through unruly Excel spreadsheets. 

One of the most significant improvements for Secureframe is also an underrated one. After integrating OneSchema, Secureframe’s product and engineering teams have increased their velocity by being able to launch streamlined import processes with little effort, without having to think about maintenance or technical debt afterwards. 

{{quote-4}}

Today, the team thinks of OneSchema as part of their infrastructure – something they can depend on as they continue to move upmarket and serve even larger enterprises. CSV imports are no longer a bottleneck on their growth and instead a key feature as they continue to help their customers automate compliance, improve security, and reduce risk. 

{{quote-5}}

{{blog-content-cta}}

Stay Connected

Subscribe to receive our newsletter.