Stoke is an online service that enables the quick scaling-up of staff by streamlining the hiring, onboarding and management processes. Their comprehensive support of company growth includes the payroll and legal aspects of workforce expansion and all the little formalities that complex organizations require.
Stoke’s activities in workforce management involves massive amounts of digital engagements of every kind. Budgets, projects, contracts for thousands of freelancers and companies mean that access to their system is spread over many users, each with different levels of permissions, located in small companies and large enterprises around the world.
With a platform that needs to be accessed by so many parties, Stoke was aware of the need to run additional security checkups to ensure data protection and keep access privileges to a minimum at all times. But security wasn’t the only thing on their mind.
Compliance issues were also on Stoke’s radar. Quite possibly everyone’s least favorite aspect of advanced business operations, compliance with applicable regulatory standards is nonetheless central to the healthy functioning of any successful enterprise.
Compliance issues can arise for a number of reasons. Auditors, partners, clients or entry into highly regulated fields—all these and more can trigger reviews that will demand detailed documentation and precise accounting. Certification can be a golden ticket to the path forward but getting it can also be a major business challenge.
Spend five minutes looking at the requirements for meeting SOC2, FedRamp, ISO or PCI-DSS standards and you’ll see what we mean. Having to make significant changes to your system architecture or work processes can be just the beginning of the necessary adjustments. As if that weren’t enough, the cost of retrofitting your business to accommodate compliance measures can create a very unwelcome hole in any budget.
Stoke takes security and compliance matters seriously but they both fall outside of their area of expertise. In search of a dedicated tool to enhance their cloud security and solve compliance problems before they got started, they reached out to Solvo.
Stoke had already established their platform using AWS infrastructure to secure their availability and resilience at all times. However, like many users of cloud infrastructure, Stoke’s goal was to fill the gaps created by the “shared responsibility” model common among providers.