If you work in a regulated industry such as financial services or healthcare and have sensitive customer information to protect, you’re well aware of the importance of data security. What you may be less confident about is how to know you’re working with a secure print vendor.
When looking for a marketing communications partner that you can trust to handle your clients’ most sensitive information, you need to screen potential vendors’ security processes, procedures, and practices in order to determine whether they’re up to par.
You want to work with a partner who takes security as seriously as you do. But do you know what you’re looking for?
2. Day-to-day compliance to such policies has been confirmed by third-party security audits, such as AT-101 SOC 2 Type II or AT-C 205 SOC 2 Type II. Unfortunately, just because a vendor claims to have policies in place doesn’t mean they’re scrupulous about following through. Third-party audits provide increased confidence.
3. Technological systems are protected and secure. Examples of technological security measures include secure file transfer, secure email, password strength and security standards, network security, minimum network security requirements for all devices connecting to network, and routine system monitoring.
4. They conduct background checks on all employees. A company’s own employees are among its greatest security strengths and liabilities. Background checks help to minimize any potential threat. A thorough background check should include checks for criminal record, sex offender, civil litigation, SSN verification, government watch list, credit and bankruptcy, and driving record.
5. Warehouse facilities are secured. Your print fulfillment vendor’s warehouse should be a locked facility with limited access under 24-hour video surveillance.
6. They maintain a non-disclosure agreement (NDA). Your and your clients’ information is too valuable for you to just assume that it will be treated as confidential by the vendor. Verify that they expressly promise to withhold all data from third parties.
7. The vendor has a broad enough scope of services to produce all components of your project in house. It’s not a requirement to fulfill every element of a project through one vendor, but it does simplify the process of vetting all vendors involved. If a potential marketing partner plans to work with other vendors to complete certain aspects of the project, you will need to verify that each one of those outside vendors also fulfills your security criteria. If you choose to proceed, ask to see their Vendor Due Diligence policy.
Streamworks is a marketing communications partner who takes security as serious as you do, providing certified secure solutions for all your mail production, data management, and digital marketing needs.
There are a lot of variables to keep in mind when evaluating potential print vendors. For help keeping them all straight – and making sure you don’t forget anything – download and print our free Secure Marketing Communications Checklist. Keep it on your desk as a handy reference to guide the conversation or jog your memory when meeting with potential marketing communications partners.