Crew: SOC2 Type 1 Compliance & AWS Cost Optimization

Industry: Financial Technology
Company Size: 1-10 employees
Services: SOC2 Compliance, AWS Cost Optimization, GRC Management


The Challenge

Crew Finance took security seriously from day one, implementing GuardDuty, Security Hub, AWS Config, CloudTrail, Macie, and more in preparation for SOC2. But comprehensive security had come at a cost — their AWS bill had more than tripled from baseline.

With AWS credits set to expire and a SOC2 Type 1 audit on the horizon, Crew Finance engaged Ignisware to answer two critical questions:

  1. Are we actually ready for SOC2?
  2. Why is our AWS bill so high, and what can we do about it?

Our Approach

SOC2 Compliance

Rather than burden Crew Finance's small team with the traditional overhead of compliance management, we leveraged our partnership with Vanta to streamline the entire process. Vanta's platform handled:

  • Continuous evidence gathering and monitoring
  • Policy documentation and management
  • Auditor communication and evidence requests
  • Compliance gap identification

This approach eliminated the need for a dedicated compliance resource — a significant advantage for a company of Crew Finance's size. The result was a faster, more affordable path to SOC2 Type 1 certification.

AWS Cost Optimization

With AWS credits expired, Crew Finance requested a thorough infrastructure review. We found that many security services had been configured with defaults that exceeded SOC2 requirements:

  • CloudTrail was logging extensively with retention far beyond compliance needs
  • GuardDuty had optional protections enabled that provided limited value
  • Non-production environments were over-provisioned
  • Storage was using premium tiers where standard would suffice

We built an optimization roadmap that maintained full SOC2 compliance while eliminating unnecessary spend.


The Results

SOC2 Type 1 Certification Achieved

In December 2025, Crew Finance, Inc. received their SOC2 Type 1 report covering the suitability of design of controls relevant to security for their Neobanking Platform.

The audit was completed without pulling their engineering team away from product development. Our Vanta partnership made enterprise-grade compliance accessible and affordable for a sub-10 person company.

42% Reduction in AWS Costs

Metric                      Result
Cost Reduction from Peak    42%
Monthly Savings             Significant
Compliance Status           Maintained

Key Optimizations Delivered

  • CloudTrail: Optimized logging configuration to meet compliance requirements without excess
  • GuardDuty: Disabled non-essential protections post-audit while maintaining core security
  • RDS Storage: Migrated from io1 to gp3 for better price-performance
  • Non-Production Environments: Right-sized demo and staging resources
  • Backup Strategy: Adjusted cross-region backup frequency to match actual recovery needs

What Our Client Says

"The experience was so good that we've decided to continue our relationship with Ignisware for the foreseeable future."

— Steve, Technical Co-Founder, Crew Finance


Key Takeaway

SOC2 compliance doesn't have to break the bank — and neither does your AWS bill. With the right partner and tools, small teams can achieve enterprise-grade security and compliance while keeping infrastructure costs under control.


Ready to Optimize Your Cloud?

Whether you're preparing for SOC2, struggling with runaway AWS costs, or both — we can help.