Assess the Security of Your Product With the MVSP Checklist

Dan Cerceo Avatar

·

·

Do you need a simple way to assess the security of your product or a third party? The Minimum Viable Secure Product checklist is a great place to start.

At Assumed, we believe that “security” isn’t simple, but it should be! When we first began our mission at Assumed, we set out to find an easy way to guide companies of all shapes and sizes on their information security journey. A framework or guidelines were an obvious solution. However, frameworks like SOC2, ISO27001, and even NIST were too big and too complex to be a starting point for most organizations. So we decided to create our own. Before we got very far, I discovered the Minimum Viable Secure Product or MVSP checklist. The timing was perfect.

The MVSP is a checklist of requirements to assess a product’s or application’s security. You can use it as a self-assessment tool or a third-party vetting questionnaire to evaluate your partners. It helps establish a minimum security baseline for enterprise-ready products and services. It intends to be minimal, practical, and modern, unlike most other security frameworks and questionnaires you might be used to. We were so delighted about this discovery that we joined the MVSP Working Group to contribute to furthering the idea. The MVSP is backed by some of the best security-minded companies, including Google, CISA, Salesforce, and Okta. We are in good company.

The MVSP will guide you in answering essential questions about the security posture of your product or service, such as:

  • Do you provide your employees with security training relevant to their role in your organization?
  • Does your product use secure password authentication mechanisms?
  • Do you log user activity?
  • Is application data encrypted in transit and at rest?
  • Does your application have backup and disaster recovery procedures in place?

We took it a step further and created the Assumed Secure app. Our app allows you to quickly navigate the MVSP checklist to complete a self-assessment or vet a vendor or partner. It also allows you to monitor compliance status against the MVSP principles and create a roadmap to improve your security posture.  

The app is a simple way to get started, but if you’re used to filling out questionnaires, usually in spreadsheet format, we’ve got you covered there, too.  

Check it out for free, no strings attached, to level up your security game. It’s our contribution to the community for businesses of all types who are serious about security, privacy, and compliance.