Genuine question: Don't the other companies talk about security in their replies to the RFQ? Wouldn't that cause the original company to stop and ask the other repliers about the security they would implement (if they didn't mention security)?
Well that's just it, security is talked about but the buyer (the hotel in this case) is often not in a position to actually evaluate the vendor's claims.
You can put down "device should not be hackable" but without their own competent IT arm the hotel can't possibly verify the product delivers on the security promise.
> Well that's just it, security is talked about but the buyer (the hotel in this case) is often not in a position to actually evaluate the vendor's claims.
But at least the buyer becomes aware that security might be an issues, and thus take it into account when making the final decision. (Even if its just "take the lowest bidder that talks about security convincingly"). OTOH, this doesn't work for buyers that don't actually care.
> You can put down "device should not be hackable" but without their own competent IT arm the hotel can't possibly verify the product delivers on the security promise.
Sure, but if the vendor puts this in the contract and the hotel does get hacked, isn't the vendor then suddenly liable?
