Marie Joseph knows a thing or two about security compliance. As a Senior Security Solutions Engineer at Trava Security, Marie helps clients through the process of becoming SOC 2 certified…. but what is SOC 2?

In this episode, Marie helps us get to the bottom of what SOC 2 certification is and why it’s important for companies to attain. Listen in for the 101 on SOC 2, ISO 27001 and GDPR (that’s a lot of numbers and letters.)

In this episode, you will learn the following:

  • What is SOC 2 and why is it important for companies to be certified?
  • How does compliance relate to security and what are the different compliance frameworks?
  • What is the difference between SOC 2 and ISO, and which one should a company choose?

Things to listen for:

[03:00] What is SOC 2 and why is it important?

[05:22] The difference between security and compliance

[06:52] Security controls that SOC 2 certification focuses on

[09:18] How to choose which framework works best for your company

[10:15] The different types of SOC 2 certifications

[11:50] When and how to start certification

[14:16] Final thoughts from Marie

[14:47] Jara’s receipts