with @ldhawke and @stevesi
The government wants to get onto the cloud! But how do they assess the levels of risk in adopting specific cloud products, and which "cloud service providers" (aka "CSPs") to work with? That's where FedRAMP -- the Federal Risk and Authorization Management Program -- comes in. And enterprise SaaS companies need to pay attention, since it will be a requirement for selling to the U.S. government, which is one of the biggest buyers of tech. Not just that, but even state governments and private/public companies may seek FedRAMP certification because they either work with the federal government or are just seeking standards.
How similar or different is FedRAMP to other types of certification, authorization, and compliance (such as ISO, SOC-2, GDPR, even HIPAA); and what does it mean for a startup to go through organizationally, culturally? Is it like a check-the-box policy thing, is it like getting a driver's license... or what? One thing's for sure: It's an opportunity for enterprise SaaS startups, and the government is trying to help companies through the process.
What are the steps to certification? What are some acronyms and terms to be aware of? When and how should you bring a consultant, advisor, or third-party auditor into the process? How long does it take, really? And how does it affect your sales team? Most importantly, what is the best strategy for moving forward? (Hint: start with a customer). Lisa Hawke, VP of Security and Compliance at Everlaw, an a16z company, shares her expertise and their experience in navigating all this, as well as the resources below, in this episode of the a16z Podcast hosted by board partner Steven Sinofsky. (The two were also previously on another episode sharing everything startups need to know about GDPR.)
For links mentioned in this episode and other resources, see: https://a16z.com/2019/08/28/fedramp-why-what-how-for-startups/
Unusual Gathering | Episode XVIII
Conversations At The Intersection Of IT Security And Society
Lisa Hawke | Kevin Gosschalk
Sean Martin | Marco Ciappelli
The Perception of Privacy and How it Changes Depending on Your Perspective
We recorded this week’s Unusual Gatherings Weekly Podcast on January 28, 2019, which happens to be Data Privacy Day, an international effort coordinated by NCSA (National Cyber Security Alliance — aka Stay Safe Online) to create awareness about the importance of respecting privacy, safeguarding data and enabling trust.
While the half-day seminar brought together a large number of media outlets from around the country to attend the event live at LinkedIn’s headquarters in San Francisco, ITSPmagazine is proud to be THE media partner for this event. We believe so much in what the NCSA stands for and what they are doing that we are also working diligently on an ongoing strategic alliance with the NCSA; expect great things from us as we support all that they work so passionately for!
In today’s podcast, we discuss the topic of Data Privacy Day and so much more around the concept of data privacy and how it can change shape according to who is looking at the information, when, and from what angle. It’s all about perspective.
The main title for the Data Privacy Day event was A New Era In Privacy
We sure agree that it is, and this is exactly what you will hear us talking about in this conversation.
Thank you to today's episode partner: NCSA
Visit their directory page on ITSPmagazine to learn more:
Learn more about sponsoring the Unusual Gatherings Podcasts:
Learn more about supporting our quest by joining us on Patreon
If you can donate $1/month, you can help us to make a difference.
Would you like to participate in more Unusual Gatherings?
No problem ... https://www.itspmagazine.com/itspmagazine-unusual-gatherings/
Get appearance alerts
Subscribe to receive notifications by email whenever this creator appears as a guest on an episode.