Customer feature: How CircleCI sped up their NDA process

At Pima, we’re all about celebrating our customers and the steps they take to streamline how they work. So, when one of our customers drastically cuts down the amount of time spent on getting NDAs signed or sharing compliance documents, you can bet we’re going to tell you about it.

One story we love to tell is how CircleCI, a continuous integration and delivery platform, used Pima to cut down their NDA singing time to under 10 seconds. Here’s how it all happened. 

What is CircleCI?

CircleCI is one of the largest continuous integration and continuous delivery (CI/CD) platforms for developers. Their goal is to make it as easy as possible for developers to connect all of their tools to build things the way they want — and they have security offerings that support this goal. Founded in 2011, the company has a total 650 employees and has raised $315 million as of 2021.

Another big accolade? CircleCI was one of the first ever Pima customers!

What problem were they trying to solve? 

Because CircleCI is a critical security vendor for so many of its customers, it needs to continually build trust with those customers. Before, that meant filling out multiple security questionnaires during the procurement process, and doing all the work to prove compliance. Then, once they became compliant with both FedRAMP and SOC 2, all they had to do was share their compliance documents. 

However, this presented another issue. Compliance reports are sensitive materials that really shouldn’t be shared publicly. To mitigate this, CircleCI was asking every single prospect to sign an NDA before sending the watermarked documents over. This added a lot of time to the procurement process — particularly when they had to chase down signatures — that could be better spent elsewhere. 

This is where Pima came in. 

How Pima helped

When the CircleCI team was first evaluating Pima, they had a complex process for sharing their compliance documents. They used a combination of Zendesk, Docusign, Adobe, and Dropbox just to get the NDA signed and send out the watermarked report. 

“The original request came through Zendesk. We then needed to send an NDA with Docusign and get the correct people with signing authority on both ends, which often wasn’t the requester. After it was signed, it needed to be uploaded in Dropbox. We would send the watermarked report and send it back through Zendesk. It was a lot.” — Tad Whitaker, previously Senior Engineering Manager at CircleCI

Pima brought all these various steps together into one tool. Now, as soon as a vendor signs an NDA via Pima, they get immediate access to the report. 

The process has become seamless for the organization. For instance, say you’re a CircleCI customer success manager that wants to send a SOC 2 report to prove compliance. You can now get it to the customer in less than 10 seconds. 

According to Tad Whitaker, who was the Security Engineering Manager at CircleCI when they rolled out Pima, what was once a taxing challenge for their team immediately stopped being an issue. To him, at least 25% of the company benefits in one way or another from adopting Pima into their procurement processes. 

“Had we not chosen Pima, we would still be spending tons of hours on the problem and the result would not be satisfactory.  I always felt like I was doing a poor job responding to customer seven when I couldn’t possibly do a better job with the tools.” 

‍Pima.app does more to streamline procurement processes by facilitating NDA signing — learn more about how we do it.