To maintain our high standard of data sovereignty, all new third-party cloud environments (such as specialized SaaS, partner Discords, or external project Slacks) must pass our Pre-Flight Checklist. If a platform lacks essential security features, specifically MFA enforcement or SSO compatibility, users of that platform will be laterally moved to the Concierge Enterprise Multi-Cloud Plan. This ensures that the Principal Steward can implement the necessary manual governance and audit logging required to maintain firm-wide insurance compliance.

New Cloud Onboarding
SaaS Review Request

Pre-Flight Checklist

The Pre-Flight Checklist evaluates SaaS platforms for security alignment and data sovereignty. This vetting process ensures that cloud-hosted tools meet the rigorous standards required for continuous access, liability protection, and firm-wide governance.

| Check | Requirement | Risk if Missing |
| --- | --- | --- |
| Official Identity | Can I join using my firm-email.com address? | Identity Hijack: Personal emails create an "Identity Island" we cannot secure. |
| MFA Support | Does this platform allow Multi-Factor Authentication? | Hard Fail: Uninsured access. Hacked accounts lead to claim denial. |
| The Mirror Rule | Is there a process to copy "Final Work" back to our Primary Stack? | Data Loss: If the vendor fails, our intellectual property is lost. |
| Admin Visibility | Can the Concierge CIO Steward be granted "Auditor" or "Admin" access? | The Blind Spot: Without visibility, we cannot perform forensic audits. |
| Exit Strategy | Is there a clear way to revoke access upon offboarding? | Orphaned Identity: Permanent "backdoors" for ex-employees. |
| SSO Compatibility | Does the platform support "Sign in with Microsoft"? | Governance Bridge: Allows for instant, centralized revocation of access via Entra ID. |

Note: To maintain the integrity of the firm's security perimeter, the Principal Steward is required to Block the App entirely if a successful remediation path is not implemented.