Minimum Viable Secure Product

All third-party service providers and cloud-based vendors handling (store, process, or transmit) sensitive or confidential institutional data must have the following security controls to meet Drexel requirements for a minimum viable secure product (MVSP). For a printable version of this information, download the PDF

    Business Controls

    Authentication Controls

    Application Controls

    Data Controls

    Operational Controls

    Administrative Controls