My organization is currently looking at a web-based hosted solution to one of our needs.
I am wondering what is the defacto standard with regard to Saas vendors and communicating the state of their security. My current assumption is that in the majority of cases, the client has no access to anything other than a promise that the vendor is secure. Is that true? Beyond informing management that they are in the position of having to blindly trust the provider; I am looking for any advice as to ways of gaining more comfort with a particular vendor that actually work / have worked for you?
_______________________________________________ Pauldotcom mailing list [email protected] http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom Main Web Site: http://pauldotcom.com
