Infosec for startups

Oct 28, 2021

SOC2, Crypto and Building a security practice

In this episode we go deep into SOC2, Cryptography and how to get started building a security practice.

Key topics on Access Control Podcast: Episode 12 - Cryptography for Startups

  • One of the harder jobs in security is to be the first security person at a startup since startups typically have various types of security problems, and you can't expect one person to cover all of those fields.
  • Considerations when evaluating security consultants are the breadth of services being offered and the billing model being used.
  • One way to describe the SOC 2 standard in the fewest words is: do you do what you say, and do you say what you do?
  • Seven best practices to pass SOC 2 are defined in LVH's [The SOC 2 Starting Seven](https://latacora.micro.blog/2020/03/12/the-soc-starting.html) blog post.
  • The [Crypto 101 e-book](https://www.crypto101.io/) is an introduction to cryptography basics for application developers.
  • When determining the programming language to solve a given problem, it's important to use the right tool for the job.