Getting Serious About Security: Crucial Questions to Ask Your Systems and Software Suppliers
Taking security for granted isn’t an option today. If your company or organization hasn’t done a basic security scan or a full-on penetration test, then here some things you should ask your vendors about regarding your security while using their services.
How Did You Develop Your Product?
There are two basic ways to develop a product. Either the company developed something out of a personal experience or they found a problem in the marketplace and devised a solution for it.
Ideally, you’ll want to do business with someone in the former category. Why? Because companies that develop out of personal or shared experiences tend to have a better grasp on the problem, solution, and implications of their solution.
Who Is Going To Help Set It Up?
You don’t want to set up a new application without support. First of all, if you do it incorrectly, you could create a security issue. Secondly, you don’t want a non-functioning app with no support. Your SaaS vendors should have a knowledge base that you can reference, but sometimes you need more.
Ask about options for assisted installation.
What’s The Most Complex Installation You’ve Done Thus Far?
Get a more comprehensive understanding about how the whole process works, and be wary of nonspecific or vague answers to your questions. Your vendor should be overflowing with details about the install process.
Also, you’ll want to know what type of experience the vendor has with complicated installs. Onboarding can take a few wrong turns even when the installation team is well-versed in your application and experienced with the installation process. Know how your vendor manages setbacks.
What Does My IT Team Need To Know?
Is there any part of the installation process you will have to perform yourself? What about penetration testing after the install. Companies, like Sec-Tec.co.uk, often recommend that you have testing done after any major change to your network or system. If your vendor doesn’t, ask why.
Are You 27001 Accredited?
The ISO 27001 certification signifies a company’s commitment to best practices in cloud security and data handling. If your vendor isn’t, ask why. Most reputable companies will seek out this accreditation so it’s unusual for a company to not bother with it.
Have You Done A Recent Penetration Test?
Has your vendor done a recent penetration test? If not, ask why. Most security firms recommend pen testing at least once per quarter. If you store financial or healthcare-related information, you may want to have it done more often.
What Are Your Current Security Practices?
This is a big one, and it’s easy to avoid giving you definitive answers on this one. That’s because many companies either don’t have robust security practices or they do but they live in a culture of secrecy.
Neither scenario is going to help you much. Given the choice, you want to be doing business with a company that’s transparent about its processes and security practices. For example, does the company have defined processes, and do they train their employees on them, and can you attend a security meeting (provided it does not disclose proprietary information about the company)?
The way your vendor answers these questions will tell you a lot about whether you should do business with them. If your vendor seems unsure of their security practices, they probably don’t have a formal protocol laid out.
If they can’t tell you about continuing education for employees, they haven’t done it or don’t do it often enough to warrant record-keeping. If the vendor won’t let you sit in on continuing education, it could be because the company has to keep some of its business practices secret, but it could also mean that either the security training isn’t very thorough or that they don’t do training.
Richard Baker is part of an IT team for a large corporate and enjoys taking the opportunity to share his industry knowledge and insights online. He is a frequent writer for a number of relevant websites.
How To Pay Safely On The Net?
Nowadays the scientific and technical progress is developing rapidly leaving behind and introducing more and more things. E-commerce became an important part of almost every company. It allows reaching the wider auditory, in comparison with the traditional way of promoting. But usually online business requires…
7 Common Reasons Why WordPress Websites Get Hacked
If there is one content management system (CMS) that’s credited for revolutionizing the modern web, it’s WordPress. Thanks to this revolutionary software, making any type of website is not difficult today. Its flexibility and ease of use make it so popular that WordPress powers as…
Manage Endpoint Security With Cloud-Based Action 1
Meet a free Cloud-based endpoint security and patch management solution from Action1 (www.action1.com). This top-ranking solution facilitates network discovery, enables you to find installed software and orchestrate software updates across all your endpoints regardless of their location. With many tools over there, you might be…
Private Practice: Crucial Services Your Startup Needs
Medical professionals around the world dream of having their own private practice. It allows more freedom for dictating your own schedule but it does come with its own set of challenges and while many are similar to those most startups face, starting a business in…
How To Keep Your Personal Information Anonymous And Secure While Using A Web Browser
Browsing the web or checking Facebook a few times a day has recently become something natural as breathing and eating. People wake up, immediately reaching for their phones to be up to date. Is it already an addiction to the Internet? Of course, it depends…
- 3D Printing
- App Dev
- Artificial Intelligence
- Arts and Entertainment
- Big Data
- Blockchain Tech
- Business Technology
- Car Technology
- Cloud Computing
- Cloud Storage
- Computer and Technology
- Conference Calling
- Coupons and Deals
- Cyber Security
- Dark Left 1
- Data Center
- Data Recovery
- Digital Arena
- Digital Marketing
- Edu Tech
- Email Marketing
- Google Glass
- Guides and Tutorials
- Health and Fitness
- Home Appliance
- Home Improvement
- Home Security
- Internet and Businesses Online
- Internet Marketing
- IT Careers
- Mobile Apps
- Mobile Security
- New Tech
- Online Shopping
- Project Management
- Reference and Education
- Reputation Management
- Sales & Marketing
- Self Improvement
- Shopping and Product reviews
- Small Business
- Social Media
- Tech Trends
- Technical Support
- Technology in Education
- Tips & Tricks
- Tips And Tricks
- Video Conferencing
- Virtual Reality
- Wearable Technology
- Web Design
- Web Development
- Web Hosting
Technology Revolutionizing The Way We Communicate
Over time we have witnessed how much technology has shaped and changed the dynamics of our world. Right from the origin of the internet to the set up of the online gaming industry including FPS games, online casinos, and websites like www.betting.co.uk making it easier…
Importance Of Data Quality Management In Today’s World
Data is the lifeline of our world today. Corporations, companies both large and small, government and educational institutions now rely on big data to derive valuable insights and create personalized experiences. But data is only useful if it is clean and can be used for…
Online Security Tips You Might Not Know About
Technology is now playing a major role in our daily lives. From how we work to how we spend our leisure time; it is central to us all now. Of course, a tech advance that has transformed our lives the most is the internet. While…
Here’s How Proxies Can Aid Email Protection
Are you concerned about your email protection measures? If that is the case, then this is for you. It all began in November 2014 with leaked emails from Sony Movie Pictures. After this leakage of emails went viral all over the world, people, organizations and…
3 Ways to Prepare For Cyber Security Risks That Employees Must Know
In a world where everything is much easier to do via mobile, app, or device, technology is not going to slow down. We’re all guilty of potentially owning more than one device, whether that is our personal phones, work phones, tablets or fitness trackers. All…
Non-Negotiable Elements For Your Business IT Security Plan
In 2019, having a business IT security plan is more important than ever. An IT security plan is the first line of defense you have for protecting your business – and your clients – against cybercriminals. Cybercriminals include hackers, who frequently obtain personal information with…