Hacker News new | past | comments | ask | show | jobs | submit login

fwiw, I've done SOC-x stuff, and I talked our auditors out of requiring routine password changes. That said, we seriously invested in 2fa, with high-pri stuff protected via yubicos.

I also talked them out of requiring virus detection on our macs, but this took a lot of work to avoid trusting (most) laptops.

I can see this approach as something quite interesting. Suspect it would not work in our current environment. But we will have to see.

But also thanks a lot for the idea to do this and try that. Not sure if it works with being ISO 27001 certified - but at least one can try.

Registration is open for Startup School 2019. Classes start July 22nd.

Guidelines | FAQ | Support | API | Security | Lists | Bookmarklet | Legal | Apply to YC | Contact