The partner security posture is derived from the average security posture of all systems belonging to the partner. To calculate the partner security posture, Cylitic first determines each system's security posture by gathering, analyzing, and scoring multiple data points. These data points typically include:
- Whether the operating system in use is supported and receives timely security updates from the vendor.
- The amount and severity of unique software vulnerabilities on the system that require security patches.
- Whether the system drives are encrypted and only accessible to authorized users.
- Whether the system is operating with “least-privileges” or running as an administrator or privileged account.
- Whether the system is protected by a firewall that appropriately defends it from unauthorized network traffic.
- Other factors, which may be configured to support a customer’s unique security policies and controls.
After scoring each individual system, Cylitic assigns the average system security posture as the Partner Security Posture label that corresponds to the partners current risk level.
Partner Security Posture options:
- Excellent: This is an excellent security posture because the partner has no issues.
- Good: This is a good security posture because the partner only has a few issues.
- Needs attention: This is security posture needs attention because it has several issues.
- Poor: This is the lowest security posture because it has many significant issues.
- Unmanaged: Cylitic does not have an understanding of this partners security posture because it is unmanaged.