Reference no: EM132192647
Just write 1 reponse for this post with your own words and 80 words+
Security is the main concern for the companies in present days. While purchasing the new technology, there are few things that the purchaser should consider.
Security history of the product or service: Companies need to independently research the security history of the product or service they're considering, and the vendor's history. So that they can find good vendor who can deliver quality product.
Security audit of the product: Companies should ask the vendor which security consultancy does its external code auditing and product testing, and ask to see the auditor's reports for the products they're considering. If the vendor is unwilling to share the reports, companies should insist that purchase contracts contain promises about the quality and frequency of the vendor's security testing. Without proper testing we can't predict the quality of the product.
Support for the technology providers: Companies need to ask about the level of detail in a vendor's security advisories, the notices that technology providers issue whenever a new vulnerability is discovered in their products. As a product provider, the vendor should accept the issues found in thee product and he should give the support to resolve the issue.
Trust or verify: Even products with the highest quality of engineering will inevitably suffer from security vulnerabilities. Although responsible technology vendors will let customers know as soon as possible when vulnerability in their products puts customers at risk, it's always a good idea for companies to keep track of their vulnerabilities for themselves as much as possible.
Remedy for these concerns is to form a separate team who takes care of everything.