Security in Polyrific

This week, we completed a risk assessment form for a client. It contained questions about how we conduct security in general in our company. It ranged from basic questions like whether we enforce our employees to use multi-factor authentication (MFA) on some services and how we manage the access permissions to some infrastructure resources. And also many more advanced questions like whether we have a written policy for intrusion detection/prevention and how we plan for disaster recovery and business continuity.

Fortunately, we have prepared this security requirement by utilizing the Vanta service since last year. If you don’t know, Vanta is an automation service that continuously scans our resources to comply with specific standards (SOC 2, ISO27001, HIPAA, GDPR, etc.) If you remember, all of you have participated in the compliance fulfillment process by completing the onboarding items. It included the requirement for you to accept some policies and complete the security training. It also required you to install a Vanta agent on your computer for full-time employees.

With this writing, we want to stress out once again that we treat security seriously in Polyrific. As you can see, secure culture is not only good for our internal team but also affects how external companies see us as a trusted partner or not, which in turn will affect our business in the long run.

None of the items in the onboarding list are only for the sake of formality on the paper. We would like you to take some time to read the policies carefully and understand how they will affect your daily workflow. If you find something that needs improvement, please don’t hesitate to bring them to the table. We believe that your participation is the key to the success of the security policy implementation in Polyrific.

Tech News

memo NET 20th Anniversary (watch the live event)

memo Why shouldn’t I choose the best language for the job? (watch what Tim Corey say about this)

memo Design an office that people want to come back to (read the article from Harvard Business Review)

memo The Harsh Reality for JS Developers: If You Don’t Study The Fundamentals You Will Be Just Another “Coder” (read the interesting article)

memo A printable, PDF - Git cheatsheet (get the cheatsheet)