/plushcap/analysis/launchdarkly/how-to-comply

How to Comply

What's this blog post about?

LaunchDarkly recently pursued SOC Type 2 compliance, which had significant impact on their engineering operations and development teams. The process was made easier due to the founding engineering team's experience and philosophy. It is recommended that businesses view certification criteria as benefits of good business practices rather than just a means to sell into certain customers or verticals. Key security principles include least privilege access, limiting data collection, using multi-factor authentication, planning for employee onboarding and offboarding, incorporating account context in logs, building for failure, keeping documentation up to date, and making security part of the company's foundation and culture.

Company
LaunchDarkly

Date published
Aug. 21, 2017

Author(s)
Adam Zimman

Word count
1437

Language
English

Hacker News points
None found.


By Matt Makai. 2021-2024.