Getting Serious About Security: Crucial Questions to Ask Your Systems and Software Suppliers
Taking security for granted isn’t an option today. If your company or organization hasn’t done a basic security scan or a full-on penetration test, then here some things you should ask your vendors about regarding your security while using their services.
How Did You Develop Your Product?
There are two basic ways to develop a product. Either the company developed something out of a personal experience or they found a problem in the marketplace and devised a solution for it.
Ideally, you’ll want to do business with someone in the former category. Why? Because companies that develop out of personal or shared experiences tend to have a better grasp on the problem, solution, and implications of their solution.
Who Is Going To Help Set It Up?
You don’t want to set up a new application without support. First of all, if you do it incorrectly, you could create a security issue. Secondly, you don’t want a non-functioning app with no support. Your SaaS vendors should have a knowledge base that you can reference, but sometimes you need more.
Ask about options for assisted installation.
What’s The Most Complex Installation You’ve Done Thus Far?
Get a more comprehensive understanding about how the whole process works, and be wary of nonspecific or vague answers to your questions. Your vendor should be overflowing with details about the install process.
Also, you’ll want to know what type of experience the vendor has with complicated installs. Onboarding can take a few wrong turns even when the installation team is well-versed in your application and experienced with the installation process. Know how your vendor manages setbacks.
What Does My IT Team Need To Know?
Is there any part of the installation process you will have to perform yourself? What about penetration testing after the install. Companies, like Sec-Tec.co.uk, often recommend that you have testing done after any major change to your network or system. If your vendor doesn’t, ask why.
Are You 27001 Accredited?
The ISO 27001 certification signifies a company’s commitment to best practices in cloud security and data handling. If your vendor isn’t, ask why. Most reputable companies will seek out this accreditation so it’s unusual for a company to not bother with it.
Have You Done A Recent Penetration Test?
Has your vendor done a recent penetration test? If not, ask why. Most security firms recommend pen testing at least once per quarter. If you store financial or healthcare-related information, you may want to have it done more often.
What Are Your Current Security Practices?
This is a big one, and it’s easy to avoid giving you definitive answers on this one. That’s because many companies either don’t have robust security practices or they do but they live in a culture of secrecy.
Neither scenario is going to help you much. Given the choice, you want to be doing business with a company that’s transparent about its processes and security practices. For example, does the company have defined processes, and do they train their employees on them, and can you attend a security meeting (provided it does not disclose proprietary information about the company)?
The way your vendor answers these questions will tell you a lot about whether you should do business with them. If your vendor seems unsure of their security practices, they probably don’t have a formal protocol laid out.
If they can’t tell you about continuing education for employees, they haven’t done it or don’t do it often enough to warrant record-keeping. If the vendor won’t let you sit in on continuing education, it could be because the company has to keep some of its business practices secret, but it could also mean that either the security training isn’t very thorough or that they don’t do training.
Richard Baker is part of an IT team for a large corporate and enjoys taking the opportunity to share his industry knowledge and insights online. He is a frequent writer for a number of relevant websites.
Your Business Needs These 13 Digital Security Solutions – Here’s How To Get The Most Out Of Each
How would you characterize your organization’s digital security posture? If you’re not sure how to answer this question, or perhaps would prefer not to answer it at all, you’re not alone. Countless decision-makers, from uber-competent CTOs and CISOs to CEOs and COOs who couldn’t code…
Louisiana And Oklahoma Introduce Digital Identification To Prevent Fake ID Use
Digital ID in Louisiana Utilizing digital IDs has been a commonly broached topic for a while now. Although most states are only either deliberating their helpfulness or in the utmost initial stages, Louisiana has moved forward. The primary introduction of this technology was done back…
ScanGuard Review – Here is What You Should Know
Doesn’t it sound good and satisfying to have a goop-performing antivirus that is reliable enough? Yes, it is. For that reason, you need to be extra careful when you are in search of a good antivirus. Put all the necessary factors into consideration so that…
The Emerging Need for Social Media Security
By the time you’ve finished reading this sentence, nearly 700 passwords have been stolen from social media accounts across the world. Social media security breaches have the potential to cause up to $6 trillion in cybercrime damages by 2021, up from $3 billion in costs…
Which New Lorex Security Camera Is Right for Your Home?
Keeping your family and your possessions safe requires a proactive approach, and one way to protect what you care about is with a security camera system. Lorex Technology is well known for their security camera solutions, and their two newest products will change the way…
- 3D Printing
- App Dev
- Artificial Intelligence
- Arts and Entertainment
- Big Data
- Blockchain Tech
- Business Technology
- Car Technology
- Cloud Computing
- Cloud Storage
- Computer and Technology
- Conference Calling
- Coupons and Deals
- Cyber Security
- Dark Left 1
- Data Center
- Data Recovery
- Digital Arena
- Digital Marketing
- Edu Tech
- Email Marketing
- Google Glass
- Guides and Tutorials
- Health and Fitness
- Home Improvement
- Home Security
- Internet and Businesses Online
- Internet Marketing
- IT Careers
- Mobile Apps
- Mobile Security
- New Tech
- Online Shopping
- Project Management
- Reference and Education
- Reputation Management
- Sales & Marketing
- Shopping and Product reviews
- Small Business
- Social Media
- Tech Trends
- Technical Support
- Technology in Education
- Tips & Tricks
- Tips And Tricks
- Video Conferencing
- Virtual Reality
- Wearable Technology
- Web Design
- Web Development
- Web Hosting
Ticking The Box VS Going The Extra Mile: Is Automation Hurting The Customer Experience?
The modern small business has a significant amount of electronic communiqué to deal with day-in and day-out. Most likely, they’ll also have a website that’s a large part of their marketing presence. That standalone site and/or their social media presence can become either highly cost-effective…
How Reinvesting Profits Can Help Your Company To Grow
Making a profit is the obvious goal of any business. But what should you do with those profits once you’ve made them? Two immediate answers spring to mind: save or spend. There is a third option, however, which involves keeping your money moving while making…
How to Immediately Improve Your Online Security
While the internet might seem paradisiacal, danger lurks in the obscurity of it. Apart from outsourcing your IT needs to specialists like IT support companies in London, there are immediate measures you can take to ensure your online world is as secure as the home…
Everything You Need To Know About Cybersecurity In 2019
With long workdays and jam-packed weekends, it’s a godsend that we can do most of our shopping, social interaction, and many other day-to-day tasks from the convenience of our computers and mobile devices. The internet has been making our lives so much easier for the…
4 Reasons Why You Should Upgrade Your Cybersecurity Right Now
Decades have passed since the phenomenon called the internet, cybersecurity is still very much a threat to businesses and individual users alike. Considering how much money cybersecurity companies invest to bolster their solutions, you would think that cybersecurity threats would be a thing of the…
Why Small Businesses Need A Web Application Firewall
Today, cyber security is one of the primary concerns of small businesses and large tech companies alike. The threat landscape is ever-evolving, with increasingly sophisticated hackers racing to thwart cyber security experts as they build stronger lines of defense. On top of that, the numbers…