client asked question about security?

[bootNumlock]

here is a question that one of my clients has asked me in regards to possibly hosting sites for him...

"I see you do web hosting. What do you have for security, both physical and applications?
My client is attending an E-security event and will probably have very tight security requirements on everything involved on the website. In fact here's the language used in their RFP:
"Describe how your company produces conference websites. Include information on physical and application security for websites. You will need to pass a security assessment by our IT team. Costs to comply to our security requirements will be borne by your company."

can anyone from vortech shed any light on the hi-tech security measures you take.

[electricfox]

I hear brad totes a 12-gauge.

[admin]

physical security for the DC you must have a card read for the main door then anther card to get in the DC then keys to get in to any of the racks.

application security we run so many systems this is hard to put here in a post but all systems are kept up todate and are checked by our 2 security admins for any issues once a week from router, switchs down to the server.

I don't have a 12-gauge but a 9mm SE..

[bootNumlock]

hey brad--could you send me a list of the security systems--if you have time--it would be good for me to have when clients ask crud like that.

[Vixen]

Quote:

Originally posted by electricfox
I hear brad totes a 12-gauge.

Actually he has a Rottweiler and me. LoL

[Craig_Smith]

Its funny how all these companies who have a so-called "IT Team" would go to such tremendous lengths to check security from an unknown host rather than get their own server and do it themselves..LOL.

[jmbeach]

Quote:

Originally posted by bootNumlock02
You will need to pass a security assessment by our IT team. Costs to comply to our security requirements will be borne by your company.

I don't know how potentially profitable this client could be for you, but I agree that any company/person with the nerve to expect you to pay for costs incurred to meed their requirements, while touting they have an IT department, needs some serious education on the "real world" - and no, I don't mean the MTV world...

[bootNumlock]

very valid points and i feel the exact same way, but hey, i am a sales rep/business owner/prostitute and if the client says my IT dept. needs your security specs. I say 'thank you sir, can i have another'...

oh wait, i am all confused, i say 'how high'

the best part is, i will jump through all these hoops (not to mention pass the buck down to you) and then the client will be a slow or no pay-- oh, well at least i can say i got the job

i need to go home!!

did i mention i don't type so good

[somereseller]

Quote:

Originally posted by Craig_Smith
Its funny how all these companies who have a so-called "IT Team" would go to such tremendous lengths to check security from an unknown host rather than get their own server and do it themselves..LOL.

Exactly...If this guy wants security, he better have his own box and a good admin for it. There is no security in a shared environnement.