Google, Salesforce and others develop security baseline

A Minimum Viable Secure Product standard is designed to introduce a uniform security baseline when evaluating vendors and products.

on November 1, 2021 at 1:52 pm | Reading time: 2 minutes

Marketing organizations are by no means alone in working with third-party vendors and cloud-based SaaS solutions. Those relationships can hardly be seamless without allowing some degree of access to data and systems. While cloud-based software is no longer generally regarded as less secure than on-prem applications, security risks do exist.

That’s why a consortium of tech companies, including Google, Salesforce, Slack and Okta, the secure identity platform, have worked together to develop a Minimum Viable Secure Product standard, setting out a vendor-neutral baseline of product security. One aim is to reduce the need to negotiate security practices with each individual vendor a business uses. The baseline requirements would be incorporated in the RFP process for maximum transparency.

The concise checklist of requirements covers elements such as frequency of patching, incident handling, password policy and disaster recovery. It is based on an analysis of existing model vendor security contracts used by companies such as Google and Dropbox.

Why we care. So security is one thing that is not owned by marketing. Very true, but marketing generally does own responsibility for the marketing technology stack and is involved in evaluating vendors and solutions. Baseline security is the interest of the business as a whole and this initiative seems to be a positive step in the direction of ensuring it — even if some businesses are going to require more stringent security levels and will be adding further requirements to the standard.

Contributing authors are invited to create content for MarTech and are chosen for their expertise and contribution to the search community. Our contributors work under the oversight of the editorial staff and contributions are checked for quality and relevance to our readers. MarTech is owned by Semrush. Contributor was not asked to make any direct or indirect mentions of Semrush. The opinions they express are their own.

Add MarTech to your Google News feed.    Google News

Related stories

New on MarTech

About the author

Kim Davis
Contributor
Kim Davis is currently editor at large at MarTech. Born in London, but a New Yorker for almost three decades, Kim started covering enterprise software ten years ago. His experience encompasses SaaS for the enterprise, digital- ad data-driven urban planning, and applications of SaaS, digital technology, and data in the marketing space. He first wrote about marketing technology as editor of Haymarket’s The Hub, a dedicated marketing tech website, which subsequently became a channel on the established direct marketing brand DMN. Kim joined DMN proper in 2016, as a senior editor, becoming Executive Editor, then Editor-in-Chief a position he held until January 2020. Shortly thereafter he joined Third Door Media as Editorial Director at MarTech.

Kim was Associate Editor at a New York Times hyper-local news site, The Local: East Village, and has previously worked as an editor of an academic publication, and as a music journalist. He has written hundreds of New York restaurant reviews for a personal blog, and has been an occasional guest contributor to Eater.

Related topics

Salesforce