1-2 weeks for most organizations. Week 1 is connecting accounts (15-30 min per system). Week 2 is dashboard configuration and baseline assessment. Larger orgs (500+ employees) may take 3 weeks.
How It Works
"Setup once. Monitor forever."
From Initial Setup to Continuous Compliance
Our platform automates compliance monitoring end-to-end. Here's exactly how we keep you audit-ready 24/7.
1. Initial Setup & Integration
1-2 week onboarding to connect your systems
Connect Cloud Accounts
We connect to your cloud accounts (AWS, Google Workspace, Okta, etc.) with read-only access. Setup takes 1-2 weeks and includes policy templates, baseline assessments, and dashboards.
Configure Compliance Dashboard
We customize your dashboard to track HIPAA, SOC 2, NIST CSF, or ISO 27001 requirements based on your business needs.
Deploy Policy Templates
We provide pre-built policy templates (Information Security, Data Classification, Incident Response, etc.) aligned to your frameworks.
Baseline Assessment
We run an initial scan to establish your current compliance posture across 100+ controls. This becomes your benchmark.
Timeline
Week 1: Account connections, access verification, policy templates delivered
Week 2: Dashboard configuration, baseline assessment, team training session
2. Automated Evidence Collection
Daily automated pulls from your systems
Google Workspace / Microsoft 365
Collect: MFA enrollment rates, user provisioning/deprovisioning logs, admin activity, sharing permissions, 2FA status
Cloud Infrastructure (AWS/Azure/GCP)
Collect: Unencrypted S3 buckets, public databases, security group misconfigurations, CloudTrail logs, IAM policy reviews
Identity Provider (Okta/Auth0)
Collect: SSO login activity, MFA methods in use, failed authentication attempts, active user count, role assignments
Endpoint Management (Intune/Jamf)
Collect: Device inventory, OS patch levels, disk encryption status, antivirus deployment, mobile device compliance
Collection Schedule
Daily 9 AM: Google Workspace, Okta, endpoint data
Daily 10 AM: AWS, Azure, GCP infrastructure scans
Real-time: Security alerts, CloudTrail events, access log anomalies
3. Real-Time Compliance Monitoring
Continuous evaluation against 100+ controls
Automated Control Scoring
Our engine evaluates collected evidence against control requirements (e.g., "MFA enrollment must be ≥95%"). Scores update automatically as data changes.
Framework Mapping
Every control maps to specific HIPAA, SOC 2, NIST, and ISO requirements. See exactly which regulations you're meeting (or missing).
Compliance Dashboard
View your overall compliance percentage, trending graphs, control-by-control breakdowns, and upcoming audit readiness status.
Historical Tracking
Track compliance posture over time. See if you're improving, plateauing, or regressing. Perfect for quarterly board reports.
Example Dashboard Metrics
Overall Compliance: 87% (↑ 5% from last month)
HIPAA: 42 of 48 controls passing
SOC 2: 38 of 45 controls passing
Critical Gaps: 3 requiring immediate attention
4. Automated Gap Detection & Alerts
Know immediately when compliance drifts
Real-Time Alerts
If MFA enrollment drops below 95%, you get an email within 24 hours. If a new S3 bucket is created without encryption, you're notified immediately.
Drift Detection
We track changes over time. If your compliance score decreases for 3 consecutive days, we flag it for investigation.
Remediation Guidance
Every gap comes with step-by-step remediation instructions. No guessing. "Go here, click this, change that." We even generate scripts for cloud fixes.
Ticketing Integration (Optional)
Auto-create Jira or Linear tickets for each gap. Assign to owners, set SLAs, track to closure. When the ticket is resolved, we re-scan automatically.
Alert Example
Subject: ⚠️ Compliance Alert: MFA Enrollment Dropped
Your MFA enrollment decreased from 95% to 88% (7 users disabled MFA). This affects HIPAA 164.308(a)(5)(ii)(D). View Dashboard →
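The threshold alert and the 3-consecutive-day drift rule from this section, applied to the 95% MFA control and showing that drift fires while the control still passes. This is an added example, not the platform's own code; the evidence tuples, dates and function names are constructed, and it assumes the tracked score is the MFA enrollment rate.

```python
from fractions import Fraction

MFA_MIN = Fraction(95, 100)  # the page's example control: MFA enrollment >= 95%
DRIFT_RUN = 3                # the page's rule: score falls on 3 consecutive days

# Constructed daily evidence: (day, total users, users with MFA enrolled).
HISTORY = [
    ("2024-06-01", 100, 98),
    ("2024-06-02", 100, 97),
    ("2024-06-03", 100, 96),
    ("2024-06-04", 100, 95),
    ("2024-06-05", 100, 88),
]


def mfa_rate(total, enrolled):
    """Exact enrollment rate; an empty pull counts as 0 so missing evidence fails."""
    return Fraction(enrolled, total) if total > 0 else Fraction(0)


def threshold_alerts(history, minimum=MFA_MIN):
    """Alert only on the day a control goes from passing to failing."""
    alerts, prev = [], None
    for day, total, enrolled in history:
        rate = mfa_rate(total, enrolled)
        if prev is not None and prev >= minimum and rate < minimum:
            alerts.append((day, float(prev), float(rate)))
        prev = rate
    return alerts


def drift_flags(history, run=DRIFT_RUN):
    """Flag the day a streak of day-over-day decreases first reaches `run`."""
    flags, streak, prev = [], 0, None
    for day, total, enrolled in history:
        rate = mfa_rate(total, enrolled)
        streak = streak + 1 if prev is not None and rate < prev else 0
        if streak == run:
            flags.append(day)
        prev = rate
    return flags


if __name__ == "__main__":
    print("drift:", drift_flags(HISTORY))        # fires at 95%, still passing
    print("alerts:", threshold_alerts(HISTORY))  # fires on the 95% -> 88% drop
```

A control that is already failing on the first day raises no transition alert here; that case belongs to the baseline assessment.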
5. Always Audit-Ready Reporting
Export evidence instantly when auditors ask
Instant Report Generation
Click "Export Report" and get a 50-page compliance report with all evidence, control scores, gap analysis, and remediation plans. Takes 30 seconds.
Evidence Packages
Auditors need proof? We package all collected evidence (MFA reports, CloudTrail logs, policy docs, screenshots) into a zip file organized by control.
Point-in-Time Snapshots
Export your compliance posture as it was on any specific date. "Show me where we stood on June 1, 2024." Done.
Executive Summaries
1-page summaries for board meetings: "We're 92% SOC 2 compliant. 3 gaps remaining. On track for Q4 audit."
Available Report Types
✅ Full Compliance Report (PDF, 40-60 pages)
✅ Evidence Package (ZIP, all artifacts by control)
✅ Executive Summary (PDF, 1-2 pages)
✅ Gap Analysis (CSV, importable to your ticketing system)
✅ Audit Trail Log (JSON, every evidence collection timestamp)
Ready to Automate Your Compliance?
Schedule a demo and we'll show you the platform in action. Custom pricing based on your org size and complexity.
Frequently Asked Questions
How long does setup actually take?
What access do you need to our systems?
Read-only access only. For AWS: ReadOnlyAccess + SecurityAudit policies. For Google Workspace: Reports API (read-only). For Okta: Read-only API token. We never write to your systems or access actual customer data.
How is this different from Vanta or Drata?
Similar automation, but we include expert guidance. Vanta/Drata are pure self-service (DIY). We set up the platform FOR you, provide ongoing support, and review your compliance posture monthly. Think of it as platform + fractional compliance team.
What's included in the ongoing retainer?
• Daily evidence collection & monitoring
• Real-time alerts for compliance drift
• Monthly compliance review calls
• Quarterly executive reports
• Unlimited report exports
• Email support (24-hour response)
• Annual policy reviews & updates
How is pricing determined?
Based on: (1) Organization size (employee count), (2) Number of frameworks (HIPAA only vs. HIPAA+SOC2+ISO), (3) Number of cloud accounts/systems to monitor. Typical range: $2k-$8k/month retainer after initial setup fee. Schedule a demo for custom pricing.