May 10, 2023

Understanding SOC-2 Compliance and Achieving It with Skyflow's Daniel Wong

How to Subscribe
Share In

In today's digital age, data privacy and security have become critical concerns for companies of all sizes. One way for companies to demonstrate their commitment to protecting customer data is by achieving SOC-2 compliance. But what exactly is SOC-2, and how can companies achieve it?

To answer these questions, Daniel Wong, Head of Security and Compliance at Skyflow, joins the show to share his insights into SOC-2 compliance and the steps companies can take to achieve it.

Throughout the interview, Daniel explains what SOC-2 compliance is, why it's important, and how it differs from other compliance standards. He also walks us through the key steps businesses can take to achieve SOC-2 compliance, including risk assessment, gap analysis, and remediation.

Daniel also highlights the benefits of using Skyflow's platform to achieve SOC-2 compliance, such as its ability to help companies protect sensitive data while still enabling secure data sharing. He also discusses the challenges that businesses may face when pursuing SOC-2 compliance and how to overcome them.

Whether you're a business owner or a data privacy professional, this interview with Daniel Wong provides valuable insights into SOC-2 compliance and how to achieve it.

Topics:

  • Can you explain what SOC-2 compliance is, and why it's important for businesses to achieve it
  • What’s the difference between SOC-2 Type 1 and Type 2?
  • How do these compare to ISO 27001?
  • How does SOC-2 compliance differ from other compliance standards, such as PCI DSS or HIPAA?
  • What are some common challenges that businesses face when pursuing SOC-2 compliance, and how can they overcome them?
  • Can you walk us through the key steps that businesses need to take to achieve SOC-2 compliance?
  • Skyflow Data Privacy Vault is SOC-2 compliant, how long did that take and what was involved?
  • What’s that mean for our customers that want to achieve SOC-2 compliance?
  • What advice would you give to businesses that are just starting their SOC-2 compliance journey?
  • With something like a car, I can’t just manufacture a car in my house and start selling it. There’s certain inspections from a safety perspective that I have to pass. Do you think software needs more requirements like this before you can just launch something and start having people use it?
  • Where do you see standards like SOC-2 going in the future?

Resources:

 

Other Podcast

September 11, 2024

Pseudo-anonymization of Data with Jack Godau

In this episode, Sean sat down with Jack Godau to dive deep into the world of pseudoanonymization. Jack shared how pseudoanonymization differs from anonymization, explaining its value for maintaining data utility while complying with stringent regulations like GDPR.

August 28, 2024

The Evolution of Certificate Management with Anchor Security's Ben Burkert

In this episode we explore how certificates and TLS function, the inherent difficulties in managing internal TLS certificates, and why nearly every engineer has a horror story related to it.

August 14, 2024

What is a Data Lakehouse with Upsolver's Ori Rafael

In this episode, we sit down with Ori Rafael, CEO and Co-founder of Upsolver, to explore the rise of the lakehouse architecture and its significance in modern data management.