Thoropass

Huge congrats to Barbican Advisory on achieving SOC 2 Type II compliance! We're honored that they trusted us to help strengthen their security and compliance. "Protecting our clients' information and data is a top priority for us. Achieving the SOC 2 Type 2 certification is a testament to our firm's commitment to the highest standards of data security and compliance. A huge thanks to Thoropass for their seamless and efficient support throughout the process." - Sean Chen, CEO of Barbican Advisory Barbican is officially a company you can trust with your data.

25% lower audit costs. 50% less audit time. Too good to be true? Not if you have the right audit partner. The Access Group powers over 100,000 organizations globally through their software. Integrating 10+ acquisitions each year meant they needed a more efficient and scalable approach to compliance. With Thoropass, they reduced audit times by half, cut costs by 25%, and found a true audit partner who speaks their language and understands their business. Matt S., Head of Cyber GRC, said it best: "A SOC audit could've taken us 12 months from beginning to end, and now we're probably doing it in 6 or 7 months. We weren't after a traditional audit company. We were after a partner." Hear the rest of their story ??

This Women's Month, we want to highlight some of the wonderful women working at the intersection of compliance and technology. First up: Meet Jennifer Orlando, our Sr. Manager of Commercial Account Management. --- ?????????? ?? ?????? ?????????? ???????? ?????? ???? ???????? ???? ??????????????????. I oversee a team of 4 Commercial Account Managers and we’re responsible for financial expansion of our current customer base.?We do that through adding new products, frameworks, and services. ???????????????????? ?????? ???????? ?????? ???? ????????-?????????????????? ????????????. ?????? ?????? ?????? ?????????? ???????? ?? ???????????????????? ???????????? ???? ???????? ????????????????????????? I was very fortunate to have some very good leadership role models that taught me to listen and learn, and then gave me a seat at the table to contribute. These leaders were both men and women over the years and didn’t see my gender as a blocker to the work I delivered or how I contributed. This positive reinforcement gave me the confidence I needed to keep asking for more, raising my hand to learn, and want to be a leader. ???????? ???????????? ?????????? ?????? ???????? ???? ?????????? ?????????? ?????????????? ???? ????????-?????????????????? ????????????? Bring your most authentic self to the table, be open minded, look for more than just gender in a role model; look for those work and life experiences that resonate with you. Ask for support where you need it and keep pushing yourself to the role you want to be in. The smart people and leaders you want to be around and learn from will recognize you. ???????? ?????? ?????????????????? ???? ???? ???????????? ?????????? ????????????? Companies can make sure they’re promoting based on merit and offering roles to the most qualified candidates; fair pay based on experience is critical. Creating a flexible work space so women can manage the multiple roles they have in their lives as care takers, students, and managing a home life. --- Thank you for everything you do, Jennifer! We're lucky to have you on the team!

For healthcare innovators like Rimidi, compliance isn’t just about checking a box. Growing healthcare companies need to scale with confidence while ensuring top-tier security and compliance. That’s why Rimidi turned to Thoropass as their trusted compliance partner. With Thoropass on their side, Rimidi successfully earned SOC 2 and HITRUST. They also streamlined the evidence-collection process for both frameworks, making it easier to manage compliance and avoid duplicating efforts. Learn more about their story: https://lnkd.in/eYw-nD7g

When a security company trusts you to tackle their compliance, it's a huge honor. Nord Security has high standards, so we're delighted to partner with them. Today, Sigita Jurkynait?, the Information Security Manager at Nord Security, is taking over the page to share her experience working with Thoropass. --- "We needed someone who would provide us with a platform, of course, but also guidance on what to expect, how the SOC 2 and HIPAA audits will go, what kind of evidence is required, how to do it in the most efficient and economic way. That sort of guidance and for someone to walk us through that unknown territory was something that we were looking for. The decision, of course, is based on the service, the platform, and the price, but it's also a lot to do with the human element where you feel like you can trust the partner on the other end, and that they understand the specific position that you're coming from. That you're actually very mature in information security and compliance in other standards, but you just don't have a specific knowledge for these frameworks."

MSPs: Is compliance slowing you down or fueling your growth? Internal compliance isn’t only a requirement—it’s a strategic advantage. With the right approach, you can: + Streamline operations + Strengthen client confidence + Open new revenue opportunities Julie I. recently wrote an article to help you make compliance work for you. Drive growth, trust, and efficiency: https://lnkd.in/eWzfvu9P

Congrats to the 15 team members who earned promotions this month! Jack Greenwald - Senior Sales Manager Owen Whitley - Mid-Market Account Executive Cassin Sutor - Mid-Market Account Executive Patrick Saladyga - Senior Customer Success Manager Jarad Haggard - Implementation & Onboarding Lead Matías Rubín - Staff Engineer Adrián Sanabria - Senior Engineer David Alejandro Corredor Mora - Senior Engineer Pablo Gonzales - Senior Engineer Dominique Carvajal - Director of Engineering Victoria Mai - Senior Associate, Infosec Solutions Cameron Olshansky - Director, Customer Marketing Margaret Chandler - Customer Marketing Associate Ana Naranjo - Manager, People Experience & Operations Linda Henderson - Senior Accountant Every one of these people lives and breathes our values. We're so excited to see everything they achieve in their new roles. Please join us in congratulating them on this accomplishment!

The PCI DSS v4.0 deadline is March 31—are you prepared? At the end of the month, all requirements initially labeled as "best practices" in v4.0 will become mandatory. Payment security compliance has evolved far beyond an annual checkbox exercise. We can help you shift from periodic audits to continuous validation with automated evidence collection and real-time control monitoring. Reduce audit fatigue, meet new requirements, and stay ahead of compliance demands with streamlined workflows. See how to simplify your PCI DSS Audit: https://lnkd.in/eXNUGvBy

There's so much we can accomplish together remotely, but we still love when our team gets a chance to connect IRL. Recently, our Pentest team gathered in Medellín, Colombia for an action-packed offsite. Activities included: ?? An intense hacking competition that put our pentesters to the test ?? Insightful presentations and technical discussions ?? Time to explore the city together We had a blast strengthening our team's technical skills—and our bond. Thanks to Donavan Trieu, Henrique Soares, Andrés Maroto Berkovics, Pamela Hidalgo, Manfred Carvajal, Daniel Zamora, Cristopher Mora Diaz, Gustavo Morán, Eduardo Bido, and everyone else who attended!

Looking to gain compliance in Latin America? Our trusted partner, Datalex Latam, can help you out. They offer several compliance-related services, including: + Security & Privacy Compliance: SOC 2, ISO 27001, PCI-DSS, and GDPR + Data Protection & Privacy Compliance: Advisory on global data protection regulations, including GDPR, LGPD, and Costa Rica’s evolving data protection framework + Regulatory Strategy & Risk Management: Navigating digital regulatory challenges, implementing governance frameworks, and mitigating compliance risks + AI & Emerging Technology Compliance: Guidance on responsible AI governance, regulatory frameworks, and risk assessments in compliance with global regulations They've helped clients across industries and throughout Latin America, the U.S., and Europe—and you could be next.