|
|
|
|
|
|
by jameshart
1650 days ago
|
|
|
How comfortable would you be if you learned that your cloud provider allowed a contractor in a random overseas country to connect to your production servers from a laptop on which he also read his personal email? Would you like them to have some controls in place to prevent that? Would you like that to be enforced consistently and audited? Would you like them to provide you with a certification that their procedures to ensure that doesn’t happen meet some minimal standard? Congratulations, you have invented ‘demanding SOC2 compliance from vendors’. And the upshot of it is that some contractors have to put up with jumping through some hoops. |
|
|