What Application Service Provider Customers Should Know About Information Security

TruSecure Expert Provides Top 10 Questions Companies Should Ask Their ASPs About Information Security

As organizations turn to Application Service Providers (ASPs) in greater numbers to outsource non-core business functions, the issue of how well ASPs address information security becomes increasingly critical. ASPs are faced with the enormous task of ensuring that critical data and other computer-based services can be safely stored, maintained and accessed. Now, more than ever, organizations evaluating ASPs need to address a number of key security issues in order to confidently rely on an ASP, says Paul Robertson, director of risk assessment, TruSecure? Corporation.

Robertson suggests the following questions every company should ask before they select an ASP. For the complete list of top ten questions, please visit

http://www.trusecure.com/html/news/press/asp.shtml.

– How does your ASP prove information security due diligence?

– What is the historical performance of your ASP in terms of incidents relating to infrastructure and/or customer activity?

– How does your ASP proactively address the flood of new vulnerabilities and patches?

– Does your ASP have an ongoing information security program?

– What internal policies does your ASP have in place to ensure policy compliance of human resources, Internet security, remote access, help desk, administration, etc.?

“It is more important than ever to have appropriate security measures in place,” says Robertson. “A greater level of security should be at the forefront of companies’ minds. Companies need to be asking their application service providers these questions so that their businesses are not affected by poor information security management.”

For media interested in speaking with Mr. Robertson, please contact Cynthia S. Smith of TruSecure Corp. at (703) 480-8509 or csmith@trusecure.com, or Nicole Cuda or Sherry Moskowitz of Schwartz Communications at (781) 684-0770 or TruSecure@schwartz-pr.com.

About the Expert

Paul Robertson is director of risk assessment at TruSecure and an internationally recognized security expert. Mr. Robertson is a contributing writer to Information Security? magazine, the industry’s leading trade publication, providing news, analysis, insight and commentary on today’s infosecurity marketplace. He has more than 16 years of experience in TCP/IP, Internet services and software as they relate to computer, network, and information security. Prior to TruSecure, Mr. Robertson was a lead analyst for the Gannett Company where he assisted in the planning of USAToday.com, the online site for the top circulation daily newspaper in the U.S. and one of the most heavily trafficked sites in the world. Prior to Gannett, he worked for the United States Armed Forces where he provided computer and telecommunications support for the White House staff.

About TruSecure Corporation

TruSecure is the leading Managed Security Services Provider (MSSP), offering the only fully integrated, enterprise risk management services on the market. TruSecure’s unique blend of proactive risk reduction with real-time security management, monitoring and response assures continuous security of critical business information assets. TruSecure Certification has become a globally recognized symbol of commitment to effective security in an interconnected economy. Additionally, TruSecure owns the independently operated ICSA Labs? and Information Security? magazine. Headquartered in Herndon, VA, TruSecure protects more than 700 sites in over 30 countries, with operations in North America, Europe and Asia Pacific. For more information about TruSecure, please visit www.trusecure.com.

###

TruSecure, ICSA, and Information Security are registered trademarks of TruSecure Corporation. All other trademarks and service marks mentioned herein are property of their respective owners.