Re: Community Experience with Vendor "ScheduleOnce"

[Velislav K Pavlov <VelislavPavlov () FERRIS EDU>]

We recently reviewed them. They declined to fill out HECVAT or CSA CAIQ. Through the customer success manager. We were 
able to receive some responses to assist with the risk assessment process. Contact me if you'd like to discuss our 
observations and conclusion.

Vel Pavlov | Coordinator, IT Security
M.Sc. ISM, CISSP, C|HFI, C|EH, C)PTE,
Security+, CNA, MPCS, ITILv3F, A+
VelPavlov () ferris edu<mailto:VelPavlov () ferris edu>
[cid:image001.png@01D24414.DC8BCD70]


From: The EDUCAUSE Security Constituent Group Listserv [mailto:SECURITY () LISTSERV EDUCAUSE EDU] On Behalf Of Joseph Z 
DeLeon
Sent: Wednesday, August 9, 2017 7:28 PM
To: SECURITY () LISTSERV EDUCAUSE EDU
Subject: [SECURITY] Community Experience with Vendor "ScheduleOnce"

**Notice** This message is from a sender outside of the Ferris Office 365 mail system. Use caution when clicking links 
or opening attachments. For assistance determining if this email is safe, please contact TAC.
________________________________
Hi All,

I'm wondering if anyone has had experience with a SaaS vendor that provides basic scheduling services, called 
"ScheduleOnce".

The vendor claims to have significant use in higher education but has proven to be unusually contentious in contract 
negotiations and discussion around even basic security/privacy expectations.

Please feel free to contact me directly with any experience or information and thanks in advance!


Sincerely,

Joseph Z. DeLeon, CISSP|CISM
Director of IT Risk and Security
University of Washington Bothell
T: 425.352.3325