Skip to content
IDC Survey- "Who Do You Trust?"
Note: Contact information is used so that T.E.N. can manage distribution in order to respect your inbox once you have responded. All data collected will remain anonymous.
*
1.
Please provide the following information:
(Required.)
Name:
Title:
Company:
Email:
*
Industry:
No. Employees:
Overall IT Budget:
IT Security Budget:
*
2.
PARTNER RISK: Please rate the following factors based on how they might affect your initial risk assessment of a third party partner prospect. (1 = MUCH LOWER RISK; 4 = NO EFFECT; 7 = MUCH HIGHER RISK)
Lo
2
3
N/A
5
6
Hi
Very Large Partner Orgs (revenue, employees, etc.)
Lo
2
3
N/A
5
6
Hi
High IT activity (users, connections, volume, etc.)
Lo
2
3
N/A
5
6
Hi
Higher Contract Value
Lo
2
3
N/A
5
6
Hi
Highly Sensitive Data
Lo
2
3
N/A
5
6
Hi
Strong, positive third party audit results (SOC II, etc.)
Lo
2
3
N/A
5
6
Hi
Score indicating high risk (BitSight, SecurityScorecard, etc.)
Lo
2
3
N/A
5
6
Hi
Recent Breach at the Partner/Prospect
Lo
2
3
N/A
5
6
Hi
Regulator action against partner/prospect
Lo
2
3
N/A
5
6
Hi
3.
CONTROLS: Please identify
frequency
of use with partners of the controls listed below (1=NEVER)
1
2
3
4
5
6
7
Remote interviews of partner (phone, webinar, etc.)
1
2
3
4
5
6
7
On-site visits to partner facilities
1
2
3
4
5
6
7
Encrypted Communications
1
2
3
4
5
6
7
Firewall Isolated Networks
1
2
3
4
5
6
7
Multifactor authentication
1
2
3
4
5
6
7
User activity real-time monitoring (IDS, UBA, etc.)
1
2
3
4
5
6
7
Custom application protection (e.g. WAF, CASB, etc.)
1
2
3
4
5
6
7
Custom data protection (e.g. DLP, DRM, etc.)
1
2
3
4
5
6
7
Emulation, virtualization, containerization, etc.
1
2
3
4
5
6
7
3rd party online scoring service
1
2
3
4
5
6
7
4.
CONTROLS: Please identify
importance
of use with partners of the controls listed below (1=not at all)
1
2
3
4
5
6
7
Remote interviews of partner (phone, webinar, etc.)
1
2
3
4
5
6
7
On-site visits to partner facilities
1
2
3
4
5
6
7
Encrypted Communications
1
2
3
4
5
6
7
Firewall Isolated Networks
1
2
3
4
5
6
7
Multifactor authentication
1
2
3
4
5
6
7
User activity real-time monitoring (IDS, UBA, etc.)
1
2
3
4
5
6
7
Custom application protection (e.g. WAF, CASB, etc.)
1
2
3
4
5
6
7
Custom data protection (e.g. DLP, DRM, etc.)
1
2
3
4
5
6
7
Emulation, virtualization, containerization, etc.
1
2
3
4
5
6
7
3rd party online scoring service
1
2
3
4
5
6
7
5.
COMMON OUTCOMES: How often do the following occur (1=never happens; 7=always happens)
1
2
3
4
5
6
7
Your org rejects a 3rd party due to inadequate security
1
2
3
4
5
6
7
Your org identifies a security/control issue with 3rd party
1
2
3
4
5
6
7
Your org identifies a possible breach due to 3rd party
1
2
3
4
5
6
7
How often do any of 1,2,3 above happen to your org?***
1
2
3
4
5
6
7
Your org select a 3rd party due to superior security
1
2
3
4
5
6
7
6.
COMPARE: How does your company’s security rate compared to your avg 3rd party business partner?
Much Lower
Lower
Same
Higher
Much Higher
