ETS S2, E3, Part 1 - How to Evaluate an IT Services Provider

ETS S2, E3, Part 1 - How to Evaluate an IT Services Provider

Fred Cobb - EVP and CISO, InfoSystems

Keith Hales - COO, InfoSystems

In part one of this podcast episode, InfoSystems' EVP and CISO, Fred Cobb, and COO, Keith Hales, discuss the things you should think about when evaluating an IT Services Provider. It's no secret that IT companies are often chosen for the wrong reasons - company politics, personal relationships, etc. In this episode Fred and Keith talk through important qualifications that your IT Services Provider should have and how you can ask questions that will help you qualify them.

These qualifications include:

- How the IT Company has invested in technology - An IT Company that hasn't invested much in technology won't be able to provide you with much (if any) assistance.

- If the IT Company has a Service Level Agreement - This is a contract defining what services will be provided and details surrounding those services. These contracts are available to be customized for you based on your needs.

- If the IT Company is SOC 2 Type 2 Certified - You can determine the validity of any IT Company claiming they can do Cybersecurity work by requesting a SOC 2 Type 2 Certification (called an Attestation Letter). SOC 2 Type 2 is the most important cybersecurity certification an IT company can get.

Part one of this episode is essential for helping enterprise leaders understand the questions that build relationships with responsible, trustworthy IT Companies. Make sure to continue listening as Fred and Keith break down what SOC 2 certification is and why it's so important in Part 2.