Panorays Provides Vendor Security Evaluation Criteria as Coronavirus Forces Large-Scale Remote Working
Companies are welcome to update their vendor assessments with new set of readily available questions
NEW YORK, March 09, 2020 (GLOBE NEWSWIRE) — Panorays, a rapidly growing provider of automated third-party security lifecycle management, has published today its vendor evaluation criteria for new work-from-home business practices.
Panorays CTO Demi Ben-Ari explains, “In the wake of the Coronavirus, companies are immediately shifting to a mass remote workforce. This sudden transition is creating a ripple effect of cybersecurity challenges, including the lack of strategic support, technology risks, human risks and supply chain attacks. Companies must properly address these challenges to succeed in maintaining business as usual.”
Because companies rely on their supply chain, they are also impacted by their suppliers’ security. Companies assessing their suppliers for security and regulatory practices must now also check their suppliers’ readiness for a mass remote workforce.
In an effort to ensure the resilience of the supply chain during these turbulent times, Panorays has readily made available the related vendor evaluation criteria, broken down to 18 questions. Companies are welcome to use these questions to assess their vendors’ preparedness for working from home.
- Authentication and Authorization – assessing practices such as enforcing two-factor authentication for remote employees and access control policies
- Resilience and Business Continuity – from network structure and expected latency delays to data backup practices
- Procedure and Processes – including training employees for phishing attacks and the authenticity of communication
Here are some questions that a company should be asking to get started:
- Are remote work practices and policies in place?
- How many employees already have remote work capabilities?
- How much of day-to-day activity is suitable for remote working today?
- What is the company’s remote access mechanism?
- Which client devices are allowed to access the company’s digital assets remotely?
- Does the company enforce 2FA for employees with remote work capabilities?
- Does the company enforce strong passwords for all employees with remote work capabilities?
- How does the company control access to internal services for remote working?
The full group of questions can be found at the Panorays blog at: https://www.panorays.com/blog/service-announcement-the-right-questions-to-ask-your-vendors-in-times-of-large-scale-remote-working/
Panorays automates third-party security lifecycle management. With the Panorays platform, companies dramatically speed up their third-party security evaluation process and gain continuous visibility while ensuring compliance to regulations such as GDPR, CCPA and NYDFS. It is the only platform that enables companies to easily view, manage and engage on the security posture of their third parties, vendors, suppliers and business partners. Panorays is a SaaS-based platform, with no installation needed.
For more information, visit www.panorays.com.