Brick Road is a company that develops vertical SaaS solutions for industrial businesses, with a passion for distilling complex logic into simple code. They identify untapped opportunity within traditional industries and transform it into substantial value through strategic investment and partnerships. But as their client base grew, especially with larger enterprises, they realized they’d need SOC 2 compliance to maintain trust and meet the security requirements these clients expected.
Simon Klobas, the Founder & CEO of Brick Road, strongly believes in the power of no-code tools. “No-code tools allow companies like ours to quickly launch and iterate on products without needing a dedicated development team,” he explains. However, this approach presented challenges for achieving SOC 2 compliance. Traditional compliance processes focus heavily on infrastructure and code management, which are managed differently in no-code platforms like Bubble.io.
Simon highlights another significant roadblock: integrating their no-code setup with existing GRC tools. Standard processes for tracking and proving compliance were designed for more traditional development environments, making the road to SOC 2 compliance difficult in a no-code environment.
That’s where Prescient Security stepped in with an approach tailored specifically for Brick Road’s no-code infrastructure.
Understanding Shared Controls
Prescient helped Brick Road map out which controls were covered by their no-code platform provider (Bubble.io) and which were their direct responsibility, helping them focus only on what they needed to manage.
Building a Compliance Roadmap
With a clear compliance roadmap, Brick Road knew exactly where to invest their efforts. This roadmap also helped them avoid redundant or unnecessary documentation, cutting down on audit time and cost.
Streamlined Audit Process
Prescient’s focus on relevant controls reduced the audit’s scope, making the process more efficient and cost-effective for Brick Road.
Customized Documentation
Knowing that standard documentation wouldn’t reflect Brick Road’s no-code environment accurately, Prescient created materials tailored to showcase how Brick Road maintained security.
Ongoing Support
With a focus on sustainable SOC 2 compliance, Prescient guided Brick Road on maintaining SOC 2 standards year-round. This expert guidance kept compliance requirements manageable as the company scaled.
With Prescient Security’s compliance expertise in a no-code environment, Brick Road achieved substantial outcomes that prepared them for enterprise growth while managing compliance costs.
"Moving to no-code has been a game-changer for us in SOC 2 compliance. Thanks to Prescient’s guidance, we’re not only meeting enterprise-level security standards but have also streamlined our audit prep from three months to just six weeks.“ - Simon Klobas, Founder @ Brick Road
When asked about his experience, Simon Klobas (Founder & CEO at Brick Road) had this to say, “After three years of unconditional SOC 2 compliance, we’re breaking the stigma around no-code tools. We are proof that no-code can be scalable, secure, and fully compliant, meeting even the strictest enterprise standards. The work we’ve done with Prescient shows where software development is headed—toward a more accessible, compliant future.”
The partnership between Brick Road and Prescient Security highlights how no-code businesses can meet compliance needs without major trade-offs, setting Brick Road up for continued growth in enterprise SaaS.
Brick Road is a technology development and consulting firm with a passion for distilling complex logic into simple code. Brick Road identifies untapped digital potential within traditional industries and transforms it into substantial value through strategic investment and partnerships.
Learn more at: https://brickroad.au/
Founded in 2018, Prescient Security has swiftly become a trusted name in cyber risk resilience, expanding its expertise nationally. Prescient is dedicated to enhancing cyber resilience and securing technology offerings. Their comprehensive security audits and assessments are bolstered by solid delivery processes and a team of advanced assessors, ensuring high standards of trust and efficacy for clients in an era of rapid technological change and economic challenges.