Educause Security Discussion mailing list archives

Re: Anyone Using Slate CRM?

From: Laura Raderman <lraderman () CMU EDU>
Date: Thu, 9 Jan 2020 15:12:56 +0000

They’ve provided us with an AoC for service providers (signed by a 3rd party QSA) for the last several years, which 
means at least in a subset of systems (those that process card data), they’re following the PCIDSS guidelines, which 
includes monitoring and response capabilities.

Laura Raderman
ISO Policy & Compliance Coordinator
Carnegie Mellon University
lraderman () cmu edu

On Jan 9, 2020, at 9:57 AM, Travis, Andrew <atravis () RADFORD EDU> wrote:

We are looking at migrating to Slate for our student CRM and I was curious if anyone else on this list is using Slate 
at your school?  We've received the HECVAT and AWS SOC2 report, but the HECVAT noted that they have no CISO, security 
engineers, security analysts or security operations center.  Technolutions (the creators of Slate) confirmed their 
CIO is their security team.  My concern is that they don't have anyone reviewing security events to detect data 
breaches or system compromises.  Since we are evaluating using Slate to store highly sensitive data such as SSNs and 
Driver's License numbers, I'm hesitant to approve purchasing their product.  I'm curious how any of you all would 
have mitigated that risk if you use Slate.

Thanks for your help!

Andrew Travis
Information Security Officer
Radford University
radford.edu/it-security
**********
Replies to EDUCAUSE Community Group emails are sent to the entire community list. If you want to reply only to the 
person who sent the message, copy and paste their email address and forward the email reply. Additional participation 
and subscription information can be found at https://www.educause.edu/community



**********
Replies to EDUCAUSE Community Group emails are sent to the entire community list. If you want to reply only to the 
person who sent the message, copy and paste their email address and forward the email reply. Additional participation 
and subscription information can be found at https://www.educause.edu/community

Current thread:

Anyone Using Slate CRM? Travis, Andrew (Jan 09)
- Re: Anyone Using Slate CRM? Laura Raderman (Jan 09)
- Re: Anyone Using Slate CRM? Victoria Gabbai (Jan 09)
  - Re: Anyone Using Slate CRM? John Bradley (Jan 09)