Infosec for startups

Infosec for startups

Oct 28, 2021

SOC2, Crypto and Building a security practice

In this episode we go deep into SOC2, Cryptography and how to get started building a security practice.

Key topics on Access Control Podcast: Episode 12 - Cryptography for Startups

  • One of the harder jobs in security is to be the first security person
  • at a startup since startups typically have various types of security problems, and you can't expect one person to cover all of those fields.
  • Considerations when evaluating security consultants are the breadth of services being offered and the billing model being used.
  • One way to describe the SOC 2 standard in the least number of words is: do you do what you say, and do you say what you do?
  • Seven best practices to pass SOC 2 are defined in LVH's [The SOC 2 Starting Seven]( blog post.
  • The [Crypto 101 e-book]( is an introduction to cryptography basics for application developers.
  • When determining the programming language to solve a given problem, it's important to use the right tool for the job.