Educause Security Discussion mailing list archives
Re: Using HECVAT for a vendor who leases copiers to the university
From: "Belsito, Louis D" <belsito () ROWAN EDU>
Date: Wed, 1 Aug 2018 17:28:28 +0000
Thanks for confirming...that was my take on the HECVAT too. Although it does have a 'consultant' aspect to the dynamic questioning I see. I was hoping it would work on vendors that could potently walk away with leased hardware containing classified data. Is there any questionnaire out there that would be better suited for a vendor dealing with leased equipment? Lou Belsito Manager, Information Security Risk Rowan University -----Original Message----- From: The EDUCAUSE Security Constituent Group Listserv <SECURITY () LISTSERV EDUCAUSE EDU> On Behalf Of Laura Raderman Sent: Wednesday, August 1, 2018 12:50 PM To: SECURITY () LISTSERV EDUCAUSE EDU Subject: Re: [SECURITY] Using HECVAT for a vendor who leases copiers to the university Not ideal - it’s meant more for cloud providers, but some of the questions on data disposal could be used since I’m assuming some of these copiers/printers may store (if just temporarily) data. Laura Raderman ISO Policy & Compliance Coordinator Carnegie Mellon University lraderman () cmu edu
On Aug 1, 2018, at 12:38 PM, Belsito, Louis D <belsito () ROWAN EDU> wrote: I’m new to the HECVAT. Would the HECVAT be an appropriate questionnaire for a printer/copier vendor who will be leasing equipment to an institution? Lou Belsito Manager, Information Security Risk Rowan University T: 856-256-5725
Current thread:
- Using HECVAT for a vendor who leases copiers to the university Belsito, Louis D (Aug 01)
- Re: Using HECVAT for a vendor who leases copiers to the university Laura Raderman (Aug 01)
- Re: Using HECVAT for a vendor who leases copiers to the university Belsito, Louis D (Aug 01)
- Re: Using HECVAT for a vendor who leases copiers to the university Laura Raderman (Aug 01)