In the summer of 2018, there were very clear signs that the importance of compliance was growing.
The story of Hyperproof starts with my time at Microsoft. In one of my roles there, I was tasked with developing one of Microsoft’s largest scale and most critical cloud services: Microsoft Passport. Microsoft Passport was Microsoft’s cloud ID, running at large scale and a critical piece of the company’s infrastructure. Due to objections over claims made about the security of our Passport service, independent organizations filed a complaint with the Federal Trade Commission (FTC) to investigate Microsoft.
Fast forward a year: Microsoft and the FTC agreed to a set of remedies that included intense and comprehensive auditing of Microsoft’s Passport services. These audits were extremely disruptive and effectively halted all progress on our product development efforts. You can read more about this time in Microsoft’s History here.
After Microsoft, I co-founded Azuqua, a company working in the cloud integration and workflow space. We were a small and scrappy startup. In our pursuit of our first large customers, we were barraged by complex spreadsheets full of very deep security and privacy questions from our customers relating to how we designed, built and operated our services.
After filling out 100-200 question surveys literally dozens of times, I figured there must be a better way to show we were serious about security, privacy and other methods of protecting customer and partner data. At that point, I decided to begin our small 20-person company’s journey toward SOC II Type 1, SOC II Type 2 and then eventually GDPR certifications.
After leaving Azuqua I reflected on the above experiences. And though the sizes of the organizations couldn’t be more different, our approach to compliance was the same. At both companies, we managed our own compliance efforts using a hodgepodge of tools centered around email and spreadsheets. The process was manual, error-prone, redundant and was universally reviled by everyone who had to participate in it outside of dedicated compliance professionals. Certainly, programmers, product managers, and marketers would run the other way. It seemed clear there must be a better way.
How could we make our compliance efforts simpler and faster?
I started to think about my experience in another role working on Microsoft Dynamics CRM in 2007. At that time, before CRM systems were popular, many companies tracked leads and opportunities using Excel and Email. At a certain point, those tools were no longer sufficient to track your customers. Spreadsheets don’t offer specific roles, sophisticated permissions, workflows, tasks, scheduling, and other key capabilities. Dedicated cloud-based CRM tools like Salesforce and Dynamics CRM entered the market and transformed it with these capabilities.
As a by-product, many more professionals inside organizations were able to benefit from the power of CRM. In addition to helping salespeople track and close opportunities, CRM empowered people from marketing, finance, operations, and other internal audiences to access a treasure trove of data they never could before. These simple new cloud tools helped spread the benefits of CRM across the entire organization. It seemed to me that the exact same transformation was about to happen in the compliance space!
In the summer of 2018, there were very clear signs that the importance of compliance was growing. Two very important milestones punctuated this.
The first was the emergence of the GDPR and the difficulty of actually understanding and complying with this critical new EU program by the May 25, 2018 deadline. Eighty percent of companies failed to meet the deadline.
The second milestone was the Cambridge Analytica scandal at Facebook, which was cited as a major factor driving Facebook’s loss of 119B in market cap in a single day– July 26, 2018. Facebook’s loss was the biggest single-day loss in stock market history. For comparison, on Black Tuesday, which kicked off the Great Depression, the total losses suffered by all companies was 14B (albeit in 1929 dollars). There was no going back — no C-level executive could afford to replay this event. The costs were too high, with the reputational risk perhaps even greater than the financial risk.
Over the summer of 2018, a couple of colleagues and I conducted close to 50 interviews with prospects, partners, compliance professionals, lawyers, luminaries, VCs, and others. The compliance-related problems and challenges we had previously identified were played back to us time and time again.
One of the biggest problems they shared was the difficulty in collecting evidence and proof from across the organization. Without a system to act as their central repository, the company would never know if they had really protected their stakeholders and they certainly wouldn’t be able to withstand scrutiny by a regulator. By August 2018, we had collected enough data, we felt compelled to begin building the solution and Hyperproof was born.
Hyperproof team members at our 2018 holiday gathering
Since then, Hyperproof has been making steady progress toward its overarching mission of “Helping Organizations keep the promises they make.” It is an ambitious goal that will take many years to fulfill. We are starting by creating the world’s fastest, simplest and most effective application for compliance within organizations. At Hyperproof we are creating an entirely new business application, a system of record for your compliance data coupled with an intuitive collaboration and work management system.
When complete, Hyperproof will make it easy to gather and re-use evidence, remind yourself or others to complete compliance tasks, and define integrations and automations to eliminate manual tasks. We endeavor to build a responsible company that can help businesses meet their highest aspirations and demonstrate their genuine dedication and commitment to protecting their customers, shareholders, partners, and suppliers along with the greater community.
Our product will allow people to do their best and most ethical work with a level of transparency not previously possible. We hope to enact real social good with Hyperproof both for organizations and the customers, members and consumers that have trusted these organizations with their critical, personal data.
At Hyperproof we are on a mission, and our success is linked to the success of the organizations we serve and the fulfilled trust of the customers they serve by extension. We are extremely excited to continue on this journey. It is a noble way to spend our time and it has attracted an extremely talented team that demonstrates excellence every day!
Monthly Newsletter