Vendor access is one of the most critical areas of risk in any compliance program. Third-party vendors often have access to sensitive systems and data, making it essential to regularly review and monitor their access.

The Vendor Access page in Secureframe helps you centralize and manage this oversight by showing which vendors have access to your environment, what they can access, and whether that access is still appropriate. This visibility is key to maintaining compliance with frameworks like SOC 2, ISO 27001, and more.

Search Features

Once on the Vendor Access page, you can search by the following:

• Personnel name
• Selected Vendors
• In Audit Scope, All Personnel, Terminated
• Filters like MFA, SSO, Privilege and more

Symbol Meanings

✅ Green Checkmark – The service is enabled or active.

❌ Black Cross – The service is disabled.

❓ Question Mark – Secureframe does not retrieve this specific information.

Frequently Asked Questions (FAQ)

Why does Secureframe show a question mark for some vendor information, even though similar data is available for other vendors?

• If Secureframe is unable to retrieve certain information for a vendor, it is usually due to limitations in that vendor’s API. Some APIs do not provide access to all data points.

Why isn't SSO showing up under Vendor Access page for any of my personnel?

• At this time, we're unable to query the status for certain integrations, which is why you’re seeing the "?" icon. This is due to limitations in the available APIs and how that data can be retrieved.
• For integrations where status information is available, you’ll see either a green checkmark or an "X" displayed on the vendor access page.