Starting next week, I'm beginning a series on Akamai InfoSec compliance efforts. It's an extensive effort to be sure, and customers probably ask us more about it than anything else.
The first post will be about our process for getting customers the answers they need. From there, I will delve into the following (in no particular order):
- Akamai InfoSec and the challenges of ISO 27002
- How ISO compliance shaped Akamai security training for vets and newbies alike
- How Akamai achieved FedRAMP certification, and why it's a huge deal
- Pen testing: Why it's essential to Akamai's security compliance efforts
- Case studies in pen testing: What Akamai learns about itself
- Edge tokenization deployments: How we do it
- How we approach 3rd-party assessments (HIPAA/ISO /PCI)
- The importance of code review as part of our security efforts and how it fits into the compliance puzzle
- How we welded security and compliance into a process that makes sense
- CP/DR at Planetary Scale
That won't be the end of the series. In fact, it will just be the beginning.
Meanwhile, the new security section of Akamai.com will launch around February, and giving customers quicker access to documentation that addresses their compliance questions is a major part of that.
Stay tuned for more. Much more. And if you have questions about a compliance issue you don't see covered in the list above, email me at firstname.lastname@example.org.