Work with Companies That Carry Multiple Software Product Lines
Software resellers that carry multiple product lines are incentivized to assist agencies, and provide a vendor-agnostic approach. Original equipment manufacturers, on the other hand, are inclined to tell agencies why their product is right and their competitors’ products are wrong.
In the same vein, small business partners and niche players tend to align themselves with specific OEMs such as Amazon Web Services, Microsoft or Splunk. When an agency turns to them with a security problem, those OEMs are always the answer — limiting flexibility.
Agencies need to start treating a lack of variety among software partners as a red flag. Resellers are more likely to offer frank feedback on the security of the software they offer, and agencies can apply their experience with previous federal customers. That’s only going to become more critical as cyberattacks evolve.
EXPLORE: Reduce supply chain cybersecurity risks with updated GSA standards.
Interagency Collaboration on Software Security Is Key
Only through collaboration can agencies understand what others are doing to ensure software security, as well as how…
