10 Security Questions to Ask Your Tech Vendors
- Does the Vendor have a recent SOC2 & SOC3 Report (Annual) they can share w/ you?
- Does the Vendor have any of the following certifications: FedRAMP, StateRAMP, ISO, CSA?
- Does the Vendor follow a Secure Software Development Lifecycle (SSDLC)?
- What is the Vendor’s Software Bill of Materials (SBOM)?
- What does the Vendor’s Incident Response Program entail?
- Can the Vendor explain their Vulnerability Testing processes?
- What Penetration Testing does the Vendor do?
- How does the Vendor leverage Multi-Factor Authentication?
- Does the Vendor offer Single Sign-On functionality for customers?
- Can the Vendor provide background checks that map to CJIS requirements?
Interested in hearing more from our speakers?
Check out Larry Zorio’s, CISO at Mark43, resources for public safety:
Watch Chief Ishii’s fireside chat around Taking the Leap and Reaping the Benefits of a Modern Tech Strategy
Ready to schedule a demo? Fill out the form and a member of our team will be in touch!
