Do They Measure Up? Assessing the Security Posture of Third-Party Service Providers

Tuesday, May 17 | 10:30am - 11:20am | Valencia (1st Floor)
Session Type: Professional Development
In these days of outsourcing, SaaS, and clouds, higher education is increasingly turning to third parties to host institution-owned data to gain efficiencies and reduce cost. There are incremental risks in engaging third parties to host institutional data. Adequate security practices must be in place prior to finalizing contractual agreements. This session will introduce a general strategy and several tools already in use for prequalifying and auditing third parties, while interactively soliciting attendee feedback as to their suitability and how they can be improved.


  • David Escalante

    Director of Computer Security, Boston College
  • Andrew Korty

    Information Security Officer, Indiana University

Resources & Downloads