Infosec for startups
SOC2, Crypto and Building a security practice
In this episode we go deep into SOC2, Cryptography and how to get started building a security practice.
Key topics on Access Control Podcast: Episode 12 - Cryptography for Startups
- One of the harder jobs in security is to be the first security person at a startup, since startups typically have various types of security problems, and you can't expect one person to cover all of those fields.
- Considerations when evaluating security consultants are the breadth of services being offered and the billing model being used.
- One way to describe the SOC 2 standard in the fewest words is: do you do what you say, and do you say what you do?
- Seven best practices to pass SOC 2 are defined in LVH's [The SOC 2 Starting Seven](https://latacora.micro.blog/2020/03/12/the-soc-starting.html) blog post.
- The [Crypto 101 e-book](https://www.crypto101.io/) is an introduction to cryptography basics for application developers.
- When determining the programming language to solve a given problem, it's important to use the right tool for the job.