Re: Saas Vendors

[Juan Cortes <juanccortester () gmail com>]

Its all about the contract! Making sure all areas are covered. Could be that
u dont want to deal with them so u let them handle it all under contract .
Or you could have it that your team handles incidents permission to audit
when needed etc...

On Feb 18, 2011 10:33 AM, "Andrew Anderson" <andycapp92 () gmail com> wrote:

My organization is currently looking at a web-based hosted solution to one
of our needs.

I am wondering what is the defacto standard with regard to Saas vendors and
communicating the state of their security.  My current assumption is that in
the majority of cases, the client has no access to anything other than a
promise that the vendor is secure.  Is that true?

Beyond informing  management that they are in the position of having to
blindly trust the provider; I am looking for any advice as to ways of
gaining more comfort with a particular vendor that actually work / have
worked for you?

_______________________________________________
Pauldotcom mailing list
Pauldotcom () mail pauldotcom com
http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom
Main Web Site: http://pauldotcom.com

_______________________________________________
Pauldotcom mailing list
Pauldotcom () mail pauldotcom com
http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom
Main Web Site: http://pauldotcom.com