Save time with unbiased, independent feedback on vendor solutions.
Watch weekly bite-sized webinars hosted by IANS Faculty.
Establishing a proof of concept (PoC) with a third party presents several security challenges, including granting access to network resources and sensitive data. This piece explains how to balance the needs of the business and security by establishing policies, procedures and resources for safe and effective PoCs.
We suggest the security and sourcing team establish an initial risk assessment to discern the level of risk the third-party PoC presents to the organization. Consider incorporating
the following questions into the PoC risk assessment prior to moving forward:
Next, establish access required for the PoC. Typically, most PoCs falls into three categories:
Once you understand the access required for the PoC, you need to secure it. At a minimum, consider:
Specific vendor risk management principles should be established prior to commencing with the PoC. Ensuring the prospective vendor does not have excessive
access to network resources and data should be a priority. These risks can be mitigated by:
Successful, secure PoCs require striking a balance of security and productivity, so the business can meet its objectives and continue to conform with security policy.
Although reasonable efforts will be made to ensure the completeness and accuracy of the information contained in our blog posts, no liability can be accepted by IANS or our Faculty members for the results of any actions taken by individuals or firms in
connection with such information, opinions, or advice.
February 29, 2024
By IANS Research
Access key data sets from the 2023 -2024 IANS and Artico Search’s Cybersecurity Staff Compensation Benchmark Report. Gain valuable insights on cybersecurity staff roles to hire and retain top security talent.
Access key data from IANS and Artico Search’s Compensation, Budget and Satisfaction for CISOs in Financial Services, 2023-2024 report. Find valuable insights around the Financial Services CISO role to help better understand your situation, improve job satisfaction and drive organizational change.
February 21, 2024
Learn why cloud IR is critical to security and not just another box to check. Find guidance to get started building a strong cloud IR program.