At Blissfully, we went through the SOC 2 compliance process just a few months after raising our first round of funding. We want to help other organizations manage IT successfully, which requires trust. Being SOC 2 compliant was about giving our customers and prospects peace of mind when it came to working with us.
Recently, we created The Blissfully SOC 2 Compliance Playbook, showing you some of our favorite tools that helped us pass our audit painlessly. We asked Kisi, a building access management platform, to author a guest post about physical security in the workplace, why it matters to SOC 2 compliance, and how Kisi can help.
Guest post by: Bernard Mehl, CEO and Cofounder, Kisi
Guest post by Schuyler Brown, co-founder strongDM
As a part of our Blissfully SOC 2 compliance series, we invited strongDM to write a guest blog post about the challenges of data access controls, and why database management is important in the scheme of completing a SOC 2 audit. Blissfully used strongDM in our SOC 2 technology stack, mapped to the audit requirement of logical and physical access controls. Read more in our recently published SOC 2 Compliance Playbook.
Most companies wait until their B or C round (or later) to start tackling key industry security audits and compliance certifications.
I think that’s a mistake.
In fact, we started our SOC 2 Type II process just a month after closing our Seed round.
Employee onboarding is one of the most important experiences in someone’s time at your organization. Onboarding is when they not only receive the tools they need to do the job they’ve been hired for, but also form their first impressions of what it’s like to work with you and begin acclimating to your organizational culture.
In fact, a strong employee onboarding program can increase retention by 25% and performance by 11%.
So while it’s easy to oversimplify employee onboarding as a technical process that involves things like email setup and benefits enrollment, it has much bigger implications from a culture and productivity standpoint. Therefore, it not only makes sense, but is imperative to your and your employees’ success to take a people-first approach as you bring new hires into the fold.
The single best thing you can do to improve your organization’s cloud security is to turn on and enforce multi-factor authentication on all products that support it, especially your primary email and collaboration platform (as you may know, we recommend G Suite). This greatly reduces the harm that an attacker can do with stolen credentials.
Continue reading »
Dropbox has long been the gold standard for how file syncing should work. However, since Google Drive launched, and comes with 30GB free with Google Apps accounts, it’s been steadily replacing many companies file sharing platform. The problem though, is that Google Drive’s default organizational framework is confusing and broken.
We’ve written before about the right way to configure your Google Drive, which is a key first step, since Google Drive’s default organizational framework is confusing and broken. Taking this to the next level, we wanted to let you know about Team Drives, in case you aren’t already familiar.
Continue reading »
Blissfully began with the vision of helping companies make the best technology choices, integrate them, and manage them. And there is no type of technology more pervasive than SaaS (software as a service).
If you have many (or any) engineers on your team, it’s really tempting to spend those engineering resources building out your marketing site. Don’t do it. Engineering resources are incredibly important and typically scarce, especially in early stage companies. It’s important to keep those focused on your critical path items.
Continue reading »
