Part 1 in a series. For more information, see "Everything You Want To Know About Akamai Security & Compliance."
The process to address customer security and compliance questions used to be somewhat chaotic. Questions would float around in random emails and elsewhere, and which ones got answered was a luck of the draw. We found this unacceptable, and did something about it.
In an interview last week, Akamai InfoSec Program Manager Meg Grady Troia -- who has had a big role in the customer service and compliance arena -- gave me an overview of the improvements made.
It's been a three-pronged strategy:
- Create an internal document of 100 basic security questions to give our sales staff clearer guidance on what to expect from customers and how best to answer them.
- Create a structured process where sales people can pass customer questions along to us and we can supply them with answers in rapid-fire fashion.
- Gather up documentation that deals with the most-commonly-asked-about issues and make them public.
When the new security microsite goes online, customers will be able to go to the compliance page and type any topic they want to know about into a search box, which will then return every scrap of public documentation we have on the given topic, be it HIPAA, PCI, FedRamp or Sarbanes-Oxley.