Printer Security, FedRAMP High, and the Road to IL6 with Justin Scott
Justin Scott didn't set out to build a security program. But after Vasion's customers started asking hard questions about cloud security, he ended up leading the company through ISO 27001, SOC 2, FedRAMP Moderate, and all the way to FedRAMP High, with IL6 on the horizon. He breaks down what actually worked, what didn't, and why automation is non-negotiable. Learn more about Vasion at https://vasion.com Learn more about Justin Scott: https://www.linkedin.com/in/jusscott/ Learn more about Paramify at https://www.paramify.com Learn more about Kenny Scott: https://www.linkedin.com/in/kenny-g-scott/ Learn more about Mike Schreiner: https://www.linkedin.com/in/mikecschreiner/ Chapters: 0:00 Intro 1:06 Meet Justin Scott and Vasion 2:24 How Justin Got Into Security 4:29 Going from On-Prem to SaaS 7:24 Owning the Full Security Program at Vasion 10:26 Starting with ISO 27001 Before FedRAMP 13:00 The Challenge of Finding a Sponsor 16:20 Choosing Stack Armor as a Partner 19:06 Why a Technical Program Manager is Non-Negotiable 19:44 Printer Security and Why It's a Blind Spot 23:00 How Vasion's Capabilities Map to Compliance Frameworks 25:00 AI, ISO 42001, and What Vasion Is Building 27:36 The Role of Simplicity in Building a Security Program 29:31 Why Automation Is the Only Way to Keep Up 31:39 FedRAMP 20X: Takes and Tradeoffs 36:51 FedRAMP High as a Growth Lever 38:27 Justin's Advice for Anyone Starting a FedRAMP Journey 39:52 Outro




