This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Log in to ask a question
Get hands-on experience with 20+ free Google Cloud products and $300 in free credit for new customers.
Log in to ask a question

Any parameters to keep in mind for landing zone design that will make it SOC2 compliant?

Posted on 01-18-2025 07:48 AM
dheerajpanyam
Silver 4
Silver 4
Reply posted on --/--/---- --:-- AM

One of our clients is migrating to GCP and is interested in a landing zone design that is SOC2 compliant. From this perspective anything i need to keep in mind for landing zone design? I totally understand that the GCP services by themselves are SOC2 compliant. It is only the landing zone that i want to understand, anything that needs to be taken care of from a SOC2 compliance audit down the line.

0 3 241
Topic Labels
0 Likes
3 REPLIES 3

Posted on --/--/---- --:-- AM
mokit
Silver 4
Silver 4
Reply posted on --/--/---- --:-- AM

Hi, @dheerajpanyam.

I've worked with a team that was working toward acquiring their SOC 2 certification but I haven't encountered anything related to landing pages in that context. From what I understand, SOC 2 typically focuses on areas such as privacy, security, data availability and access control etc.

I believe the GCP landing page after login wouldn't be directly relevant to this. I'll also refer to this document - Google Cloud - SOC 2 Information in case you haven’t already reviewed it.

Regards,
Mokit

0 Likes

Posted on --/--/---- --:-- AM
dheerajpanyam
Silver 4
Silver 4
In response to mokit
Reply posted on --/--/---- --:-- AM

Thanks @mokit for the reply. One of the SOC2 areas that you mentioned is security. From that perspective , having a custom VPC is preferred over default VPC so this is something security related that needs to be considered  and part of the landing zone, no? 

0 Likes

Posted on --/--/---- --:-- AM
mokit
Silver 4
Silver 4
In response to dheerajpanyam
Reply posted on --/--/---- --:-- AM

Yes, a custom VPC is one of the requirements. Most of the default configurations need to be disabled in that context. However, this is part of the specific requirements and not included in the landing zone setup.

0 Likes
Top Labels in this Space
Top Solution Authors
View all