Blog

In today’s data-sensitive world, mishandling private customer information can have devastating consequences.

Hefty fines. Reputational damage. Lost customers. Lost revenue. In recent years, even the most enormous companies have been left stunned and staggering in the wake of such events (just ask Facebook, Target and Equifax). For smaller companies, a data breach of such magnitude could well be a fatal blow.

With new data protection regulations coming at you every year, your business needs to stay up to date. There's no doubt that you’ve put measures in place to ensure you handle data with the utmost care and security within your own organization but how about your vendors?

When looking for a marketing communications partner that you can trust to handle your clients’ most sensitive information, you need to screen potential vendors’ security processes, procedures, and practices in order to determine whether they’re up to par.

At Streamworks, we take security as serious as you do. We take extra precautions to ensure the confidentiality and integrity of your data is always maintained.

If you're struggling how to evaluate a secure vendor, below are some critical things to look for:

Secure Vendor Checklist

 The vendor has infrastructure and procedures designed to maintain, protect, and ensure data security. Such procedures include a clean desk policy, privacy policy, disaster recovery plan, acceptable use policy, and physical building security.

 Technological systems are protected and secure. Examples of technological security measures include secure file transfer, secure email, password strength and security standards, network security, minimum network security requirements for all devices connecting to network, and routine system monitoring.

 Day-to-day compliance to such policies has been confirmed by third-party security audits, such as AT-101 SOC 2 Type II or AT-C 205 SOC 2 Type II. Unfortunately, just because a vendor claims to have policies in place doesn’t mean they’re scrupulous about following through. Third-party audits provide increased confidence.

 They maintain a non-disclosure agreement (NDA). Your and your clients’ information is too valuable for you to assume that it will be treated as confidential by the vendor. Verify that they expressly promise to withhold all data from third parties.

 They conduct background checks on all employees. A company’s own employees are among its greatest security strengths and liabilities. Background checks help to minimize any potential threat. A thorough background check should include checks for criminal record, sex offender, civil litigation, SSN verification, government watch list, credit and bankruptcy, and driving record.

 The vendor has a broad enough scope of services to produce all components of your project in house. It’s not a requirement to fulfill every element of a project through one vendor, but it does simplify the process of vetting all vendors involved.

If a potential marketing partner plans to work with other vendors to complete certain aspects of the project, you will need to verify that each one of those outside vendors also fulfills your security criteria. If you choose to proceed, ask to see their Vendor Due Diligence policy.

There are many variables to consider when evaluating potential print vendors. Keep them all straight by downloading our FREE Secure Marketing Communications Checklist today.