Q: Do the AskCody security policies cover disallowing password reuse, required endpoint (laptop, desktop, mobile device) encryption, 2-factor authentication for remote network access and disallowing shared accounts or group accounts? Is multi-factor authentication used for privileged users accessing systems remotely?
Q: What are your minimum password standards?
A: 64 characters using 1Password
Q: Do you outsource any operational or IT functions that are on the critical path of the services that you are providing like Cloud Infrastructure/VPS, Helpdesk, Email or Metrics?
A: No, everything is managed in-house
Q: Are you using antivirus on your endpoints (laptops, desktops, mobile devices), and do you have any anti-malware controls other than antivirus on your endpoints?
A: Yes. Mandatory on all “clients”