Getting SOC 2 compliance alone takes ~10k USD apart from vendor reports. Yes they may be small with employee count, but when I said small I just meant someone running something for small set of users for free or close to free. Not someone working with other enterprises.
My point is that even small companies may need SOC reports from their vendors but still not be able to financially support enterprise level plans with every one of them. By being supportive of hiding those reports behind enterprise level contracts you are effectively supporting pricing those companies out and potentially making them unable to work with larger clients.
SOC reports are only needed for SOC compliance and compliance costs 10k USD. It depends on the subscription cost, but if the company could afford the compliance they could afford extra 100 USD/month. No one expects small companies to pay few 1000 dollars per month.
Although few companies have minimum ticket size for enterprise clients and that is a bad thing IMO.
