Achieve infosec compliance without the headaches
Manage your risk and maintain compliance with ease
Evidence requests, questionnaires, penetration tests, all-in-one
Meet your auditor on day 1 and eliminate any surprises
Connect to the tools that matter most for your audit
See how our automated platform provides more than just readiness through clear roadmaps, transparent communication, and in-app audits
Get the recording icon-arrow
Stand out in a highly regulated industry
Minimize your risk while maximizing returns
Safeguard your data and close more deals
A bespoke solution for your unique business
Steve Heilenman | CIO, Benefix
Read More icon-arrow
Financial data security without the stress
Efficient SOC 2 compliance with no surprises
Enhance your security posture and build trust worldwide
Stay on top of data privacy regulations
Secure transactions,no matter your scale
Protect patient health data with confidence
Stand out in highly regulated industries
Many more standards including custom frameworks
Josh Horowitz | CTO, Stylo
Explore more success stories icon-arrow
Find out why the OrO Way is the best way to do compliance
See how we drive better outcomes through compliance
Go beyond readiness with unmatched expertise
Ensuring compliance is never a blocker to innovation
Join the team that's reimagining compliance
Let's make compliance easier—together
Your team of compliance experts is standing by. Meet your auditor on day 1 and get answers when you need them.
Get to know them icon-arrow
Catch up on the latest industry trends and expert insights
Attend the latest webinar or meet with us in person
Actionable tools for your compliance journey
Expert-curated resources for your compliance journey
A podcast for B2B CISOs
Customize and download your free information security policy and be well on your way to SOC 2 compliance.
Use our policy generator icon-arrow
Customer Stories / Nord Security
Nord Security provides digital security and privacy solutions for individuals and businesses globally. To ensure customer trust, Nord Security’s products and services must comply with local and regional standards.
Nord Security, a European company founded in 2012 that created the #1 VPN – NordVPN, had a robust security posture and a high level of knowledge about compliance. While they were certified in standards more commonly used in Europe such as ISO 27001, when expanding to the North American market, they found that these companies required different frameworks– specifically, SOC 2.
According to Sigita Jurkynaitė, Information Security Manager at Nord Security, “We were very mature in information security and compliance with other standards. We just didn’t have the specific knowledge for these frameworks that are specific to the market or the geographical area.”
The Nord Security team was looking for expert help to guide them through the SOC 2 process.
In addition to an easy-to-use platform, they wanted a partner who could understand their pain points and goals, and provide them a bespoke solution.
Sigita explained, “we were looking for someone to walk us through that unknown territory. A lot of our decision had to do with the human element: someone who understood us and we felt like we could trust.”
The Nord Security team found the compliance partner they were looking for in Thoropass. Their Thoropass Customer Success Manager functioned as part of their team, helping them every step of the way as they prepared for their audit.
With more than 50 people involved in the compliance process at Nord Security, communication was extremely important. Sigita appreciated the Thoropass team’s friendly and approachable communication style that made her and her team feel at ease.
Speaking to her experience with the Thoropass team, Sigita explained “their down-to-earth nature really helps us to promote security compliance in our environment. This helped in getting the team involved, motivated and enthusiastic about the process.”
At the same time, the audit requirements were clear and detailed, which helped her team prioritize and work efficiently. Flexible scheduling and the options to Slack, call, or email made it convenient to collaborate across time zones. During the audit, the Nord Security team and the auditor easily communicated within the Thoropass platform.
Nord Security successfully passed its SOC 2 audit. As a result, it has acquired North American customers and differentiated itself in the market.
According to Sigita, “we can’t imagine not having SOC 2. We have a huge competitive advantage and is absolutely something that we will continue working on, always.”
This past summer, Nord Security renewed with Thoropass to help maintain its SOC 2 certification.
Sigita explained, “we decided to stay with Thoropass for continuity, because everything was already in the platform. We also love that the platform constantly improves. If we have suggestions, we are really listened to.”
Sigita’s advice to other European startups? Get SOC 2 compliant.
Elaborating on that point, Sigita stated, “if you know that the American market is what you’re going for, then start as early as possible. You’ll regret it later if you don’t.”
While some companies may be able to achieve SOC 2 alone, she doesn’t recommend it.
“Think of how many sleepless nights it’s going to cost you, versus paying someone who will provide you with really clear guidance. You will save so much time and so much money if you find a partner like Thoropass to help you.” – Sigita Jurkynaitė
Talk with one of our experts to build your custom path to compliance and take advantage of Thoropass’s thoughtful automation, expert guidance, and security audit experience.
ISO 27001
SOC 2
