> You seem to have a problem with the standard that says SOC3 facilities should have encrypted hard drives, not the auditor who is actually trying to enforce that standard.
Isn't that exactly what the article says? That auditors are looking for compliance, not security?
Isn't that exactly what the article says? That auditors are looking for compliance, not security?