A datacenter being soc2 compliant doesn’t mean any of your systems are. Same wit... | Hacker News

Hacker Newsnew | past | comments | ask | show | jobs | submit

		wutwutwat 9 months ago \| parent \| context \| favorite \| on: Why we use our own hardware A datacenter being soc2 compliant doesn’t mean any of your systems are. Same with pci. Same with hipaa. Cloud providers usually have offerings that help meet those requirements as well, but again, you can host bare metal, colo, cloud, or a tower under your bed, their compliance doesn’t do anything to cover your compliance.

dijit 9 months ago | [–]

Yes, quite right, that’s what I meant with my “I still have to do the work of securing my services”.

Would be the same no matter where I’m hosted.

Going to guess you meant to reply to the parent though?

bigfatkitten 9 months ago | [–]

They do cover your physical security requirements, which is still important.

Consider applying for YC's Winter 2026 batch! Applications are open till Nov 10
Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact