How to Build Trust with Transparency

February 16, 2021

Transparency is the key to building trust with your customers, especially when it comes to your security and risk posture. Not being forthright and honest from the beginning can slow deals down or even cause you to lose them outright. 

When asked about the characteristics of best-in-class SaaS vendors on security, 70% of respondents in a McKinsey & Company survey cited transparency. That same study also found that more than 70% of respondents said uninformed or misleading claims about security capabilities were a cause of dissatisfaction.

Vendor security assessments are a good place to forge transparent relationships with your customers. They allow you to be upfront and straightforward about the security practices you have in place to ensure privacy and protect customer data. Having an issue with your security assessment is a surefire way to disqualify your business from consideration. 

 

Security assessments don’t have to be a four-letter word

Some salespeople hate the security review process because they’ve had a bad experience in the past. Either they lost a deal because they weren’t ready when a security review was sprung on them last minute, or the deal pushed out way longer than expected. But that bad result likely came because of a lack of preparation.

If you’re selling into the middle to upper end of the market, you should plan to do a security review from the outset. Build it into the sales process. When you’re conducting discovery, identify what security needs they have and that will determine what your response should be.

Taking this proactive approach to vendor security will ensure you don’t have any surprises at the end of the sales cycle that could delay the deal. And as any good salesperson will tell you, “Time kills all sales.” Being transparent about your security posture should only serve to accelerate the sales process.


UGVRA_Ad Image

Read The Ultimate Guide to Vendor Risk Management

The current processes for managing and assessing vendor risk and security are manual and outdated—but it doesn’t have to be that way. We go over best practices to modernize your vendor risk assessment program to take it to the next level.

Learn More

 

Tips for Transparent Vendor Security  

There are many little things your business can do to show your customers that transparency about your security policies is a priority for your business. A few are highlighted below.

  • Make your security profile public. Having a public profile posted on your website or in a directory like the Cloud Security Alliance’s STAR Registry or the Whistic Trust Catalog that your customers and prospects can access quickly and easily shows that you have nothing to hide. While there may be some details about your security posture that you’d prefer only to be made available through an NDA, a public profile is a good starting point and oftentimes will provide enough information to pass a security assessment without any extra work on your part. 
  • Share your security posture early in the sales process. Stop being reactive to security requests. Own the conversation and put the ball in the customer’s court by sending them detailed information about your security posture, including answers to standardized questionnaires and any audits or certification documentation you have. If the customer’s goal is to ensure their data will be protected, it shouldn’t matter if it doesn’t match their format exactly. Being transparent about your policies and procedures will make sure you’re starting your relationship on the right foot.
  • Be responsive to questions and concerns. Once a prospect has reviewed your security profile or response to an assessment, they may have additional questions or need more clarity. Respond to these requests quickly with precise, thoughtful answers. Make sure everything you say can be backed up and doesn’t mislead the customer about what your security capabilities are.
  • Partner closely with your security team. The best way to get those answers as quickly as possible is by partnering closely with your security team. They’re likely also responsible for evaluating vendors your business partners with as well, so they’ll know the type of information that will be most effective in resolving any concerns the customer may have.
  • Actions speak louder than words. There is a lot of pressure for SaaS sales teams to close deals and close them fast but make sure they aren’t making promises your product can’t keep. It might help you win business in the short term but will hurt your reputation in the long term.

Being fully transparent with your customers can be hard, especially if there are current limitations in your solution’s security. But losing a deal or two is better than being responsible for a data breach in the future.

 

Build trust with Whistic

With Whistic Profile and the Whistic Trust Catalog, sales teams have the tools in place to build transparent relationships with their customers and prospects. Whistic makes it easy to share up-to-date security, privacy, and compliance documentation that is aligned with the industry’s most widely adopted standards. 

Request a demo today to see how Whistic can help your business or download The Ultimate Guide to Vendor Assessments to learn more.

vendor risk management standards vendor assessment cloud security vendor security review vendor security management

About the author

Whistic
Whistic

The latest insights and updates on information security and third party risk management.

Hate security reviews?
Want FREE AirPods?*

Offer valid for any decision-maker/influencer in relation to your company’s third-party risk management strategy. Company size must exceed 100 employees. Exclusions apply. Limit 1 pair per company.

Close