A data classification policy provides a way to ensure sensitive information is handled according to the risk it poses to the organization.
Posts by Category:
- SOC 2
- Privileged Access Management
- Identity and Access Management
- Role-Based Access Control
- ISO 27001
- Zero Trust
- Secure Access Service Edge
Your SOC 2 confidentiality policy defines procedures to handle confidential information about clients, partners, and the company. Clients and partners expect you to keep their data secure and a confidentiality policy will demand this same expectation of your employees.Here are best practices to consider when writing your confidentiality policy
This episode we sit down with Will Charczuk, Engineering Group Lead at Blend. Will oversees the service management, runtime & alerting, and operations sub-teams. The crew talks in-depth about rapid deployment in a highly secure environment.
It’s safe to say that not many service providers look forward to soc 2 compliance. I'd guess not many of you have the AICPA on speed dial. Whether you're preparing for a Type 1 or Type 2, audits may be perceived as events that you prepare for and complete, but then eventually they go away - at least for a while.
There are several different levels of SOC (Service Organization Control) reports and types, so it is easy to get them confused. This post will focus on outlining the path to SOC 2 Type 2.
Ways to narrow your SOC 2 audit scope to save your company time and money so you receive your SOC 2 report with fewer migraines.
Understand who is on your core SOC 2 team, what are the roles, and how to build it.
Listen to this episode here! About This Episode Controlling access to a database is a solved problem… right? It can be straightforward for small teams and a small number of storage engines, but once either or both of those start to scale then things quickly become complex and difficult to manage. ...
Listen to this episode here! About This Episode strongDM Co-Founder and CTO Justin McCarthy has a quick chat with Risky Business' host Patrick to discuss strongDM, which makes a protocol proxy that you can use to provision production services (like Kubernetes and SQL access) to users without them ...
This episode we sit down with Peter Tormey, Head of Infrastructure at SoFi. The crew talks PII, security and what it takes to maintain privacy at-scale for the new model of finance. Peter leads the team that manages and develops a HA Postgres infrastructure using CoreOS utilizing K8s to orchestrate over 100 microservice databases.
Listen to this episode here! About This Episode strongDM Co-Founder and CTO Justin McCarthy sits down with Risky Business podcast host Patrick to discuss the strongDM technology, working from home in the current conditions, and making sure that companies have access controls in place while ...