Mosaic’s security teams establish policies and controls, monitor compliance with those controls, and prove our security and compliance to third-party auditors.
Our policies are based on the following foundational principles:
Enterprise Security
Vendor Security
Mosaic uses a risk-based approach to vendor security. Factors which influence the inherent risk rating of a vendor include:
Access to customer and corporate data
Integration with production environments
Potential damage to the Mosaic brand
Once the inherent risk rating has been determined, the security of the vendor is evaluated in order to determine a residual risk rating and an approval decision for the vendor.