How to Assess the Security of AI Vendors Before You Buy

    August 27, 2024 | 7 min read

    AI tools are flooding into professional services: document analysis, client intake automation, research assistants, workflow automation. The productivity gains are real, and firms that ignore AI risk falling behind competitors who embrace it.

    But here is the tension: AI tools need data to be useful. Often, they need your client data. And handing sensitive financial records, legal documents, or personal information to an AI vendor without understanding their security posture is like giving your house keys to someone you just met at a coffee shop.

    This article gives you a practical framework for evaluating AI vendors before you buy, so you can capture the benefits without creating new risks.

    Why AI Vendors Require Extra Scrutiny

    Traditional software vendors have been through decades of security maturation. The major practice management, document management, and accounting platforms have established security programs, SOC 2 audits, and well-understood data handling practices.

    AI vendors are different:

    **Data training concerns.** Some AI tools use your data to train or improve their models. That means your client's tax return could theoretically influence the output given to another user. Even anonymized training data can sometimes be reverse-engineered.

    **Data residency questions.** AI processing often happens in the cloud, potentially across multiple regions or countries. For firms with clients subject to data residency requirements, this matters.

    **Emerging technology risks.** AI systems can exhibit unexpected behaviors, including hallucinations (generating plausible but false information), prompt injection vulnerabilities, and data leakage through carefully crafted queries.

    **Startup risk.** Many AI vendors are early-stage companies. They may have excellent engineers but immature security programs. They may also disappear entirely, leaving you scrambling for your data.

    The Evaluation Framework

    Break your assessment into five areas. You do not need to spend months on this. A thorough evaluation can be completed in a few days with the right questions.

    Area 1: Data Handling and Privacy

    These are the most important questions for professional firms:

    **How is data processed?** Does the vendor process your data on their servers, in a private cloud instance, or on-premises? Understand the data flow from your systems to theirs and back.

    **Is data used for model training?** This is a deal-breaker for most professional firms. If the vendor uses your client data to train their AI models, walk away. Look for vendors that offer "zero data retention" or "no training on customer data" commitments in their terms of service.

    **Where is data stored?** What geographic regions? On what infrastructure (AWS, Azure, Google Cloud, proprietary)? Can you choose the region?

    **How long is data retained?** Does the vendor retain your data after processing? For how long? Can you request deletion? Is deletion verifiable?

    **What happens to data if you cancel?** Can you export your data? Is it deleted within a specified timeframe? Do they provide a certificate of deletion?

    For law firms, these questions take on additional weight. Read about how law firms can use AI without risking client confidentiality for more context.

    Area 2: Security Certifications and Audits

    **SOC 2 Type II.** This is the gold standard for SaaS vendors. A SOC 2 Type II report demonstrates that the vendor has implemented and maintained effective security controls over a sustained period (typically 12 months). Ask for the most recent report.

    **ISO 27001.** An international standard for information security management systems. Less common among startups but increasingly expected by enterprise customers.

    **Penetration testing.** Does the vendor conduct regular third-party penetration testing? How often? Will they share a summary of results?

    **Bug bounty program.** Does the vendor have a vulnerability disclosure or bug bounty program? This suggests maturity in how they handle security vulnerabilities.

    **HIPAA compliance.** If your firm handles health-related financial data, the vendor may need to be HIPAA compliant and willing to sign a Business Associate Agreement.

    A vendor that cannot provide any of these is not necessarily insecure, but it does mean you have no independent verification of their claims. That is a risk you need to weigh.

    Area 3: Authentication and Access Controls

    **How does the vendor authenticate users?** Do they support SSO (single sign-on) integration with your identity provider? Is MFA supported or required?

    **What are the admin controls?** Can you manage user access, set role-based permissions, and audit who accessed what data?

    **API security.** If the vendor provides an API, how are API keys managed? Is there rate limiting? Are API calls logged?

    **Session management.** How long do sessions last? Is there automatic timeout? Can you remotely revoke sessions?

    Area 4: Infrastructure and Operational Security

    **Encryption.** Is data encrypted at rest and in transit? What encryption standards are used? (Look for AES-256 for data at rest and TLS 1.2+ for data in transit.)
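The "TLS 1.2+ in transit" claim is one of the few in this list you can verify yourself from the outside. As an added example (not part of the article), this Python probe attempts a handshake pinned to one protocol version at a time against a hostname you supply, so a vendor endpoint that still accepts TLS 1.0 or 1.1 alongside TLS 1.2+ shows up; the hostname and port are whatever you pass on the command line.

```python
"""Probe which TLS versions a vendor endpoint negotiates (added example).
Pins the client to one protocol version per handshake, so a server that still
accepts TLS 1.0/1.1 alongside TLS 1.2+ is visible from the outside."""
import socket
import ssl
import sys

# Versions to probe, legacy first. TLS 1.0 and 1.1 are deprecated (RFC 8996).
PROBE_VERSIONS = [ssl.TLSVersion.TLSv1, ssl.TLSVersion.TLSv1_1,
                  ssl.TLSVersion.TLSv1_2, ssl.TLSVersion.TLSv1_3]

def handshake_with(host: str, port: int, version: ssl.TLSVersion,
                   timeout: float = 5.0) -> bool:
    """Return True if the server completes a handshake using exactly `version`."""
    try:
        ctx = ssl.create_default_context()  # keeps certificate and hostname checks
        ctx.minimum_version = version
        ctx.maximum_version = version
        with socket.create_connection((host, port), timeout=timeout) as raw:
            with ctx.wrap_socket(raw, server_hostname=host) as tls:
                return tls.version() is not None
    except (ssl.SSLError, OSError, ValueError):
        # Server refused the version, local OpenSSL has it disabled, or the
        # connection failed: none of these count as "accepted".
        return False

def probe_endpoint(host: str, port: int = 443) -> dict:
    """Map each probed version name (e.g. 'TLSv1_2') to whether it was accepted."""
    return {v.name: handshake_with(host, port, v) for v in PROBE_VERSIONS}

def assess(results: dict) -> str:
    """Turn probe results into a PASS/WARN/FAIL verdict against the TLS 1.2+ bar."""
    legacy = [n for n in ("TLSv1", "TLSv1_1") if results.get(n)]
    modern = [n for n in ("TLSv1_2", "TLSv1_3") if results.get(n)]
    if not modern:
        return "FAIL: no TLS 1.2 or 1.3 handshake completed"
    if legacy:
        return "WARN: TLS 1.2+ offered, but legacy versions accepted: " + ", ".join(legacy)
    return "PASS: TLS 1.2+ only"

if __name__ == "__main__":
    if len(sys.argv) < 2:
        sys.exit("usage: tls_probe.py <vendor-hostname> [port]")
    port = int(sys.argv[2]) if len(sys.argv) > 2 else 443
    print(assess(probe_endpoint(sys.argv[1], port)))
```

A WARN result is worth raising with the vendor even when the report says "TLS 1.2+": it means their public endpoint is configured more loosely than the documentation claims.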

    **Network security.** How is the vendor's infrastructure protected? What about DDoS protection, intrusion detection, and network segmentation?

    **Backup and disaster recovery.** How is data backed up? What is the recovery time objective (RTO) and recovery point objective (RPO)? Have they tested their disaster recovery plan?

    **Incident response.** Does the vendor have a documented incident response plan? What are their breach notification timelines? Will they notify you directly if your data is involved in a breach?

    Area 5: Company Viability and Governance

    **Company stability.** How long has the vendor been in business? What is their funding situation? A vendor that goes bankrupt next year is a problem even if their security is perfect today.

    **Insurance.** Does the vendor carry cyber liability insurance and errors and omissions insurance? What are the coverage limits?

    **Contractual protections.** Are they willing to sign a data processing agreement (DPA)? Do their terms of service include liability caps that are reasonable? Do they include indemnification for data breaches?

    **Subprocessors.** Who does the vendor share your data with? Other cloud providers, analytics tools, support platforms? Each subprocessor is an additional link in the security chain.

    Red Flags

    Walk away or proceed with extreme caution if you encounter any of these:

    • The vendor cannot clearly explain what happens to your data
    • No SOC 2 report and no plans to get one
    • Data is used for model training without an opt-out
    • No encryption at rest
    • Vague or evasive answers to direct security questions
    • No incident response plan or breach notification process
    • Terms of service that disclaim all liability for data breaches
    • No ability to delete your data on request

    Green Flags

    These indicate a vendor that takes security seriously:

    • A recent SOC 2 Type II report
    • Zero data retention or clear data lifecycle documentation
    • Encryption at rest and in transit with strong algorithms
    • SSO and MFA support
    • Transparent privacy policy and data processing agreement
    • Regular third-party penetration testing
    • Clear incident response and breach notification process
    • Willingness to answer security questions thoroughly

    The Questionnaire Approach

    Create a standardized security questionnaire that you send to every AI vendor before evaluation. Include 15-20 questions covering the five areas above. This saves time and ensures consistency.

    Many vendors are accustomed to receiving security questionnaires. If a vendor pushes back on answering reasonable security questions, that tells you something about their priorities.

    Ongoing Monitoring

    Vendor assessment is not a one-time activity. After selecting an AI vendor:

    • Review their SOC 2 report annually
    • Monitor for security incidents or breaches reported in the news
    • Review their terms of service for changes (especially around data training)
    • Periodically reassess whether the vendor still meets your requirements

    Making the Decision

    Perfect security does not exist. Every vendor has some level of risk. The goal is to understand that risk, ensure it is within your firm's tolerance, and implement mitigating controls where needed.

    For some use cases, the risk is low (an AI tool that helps schedule meetings does not need access to client financial data). For others, the risk is significant (an AI tool that analyzes client tax returns needs rigorous security controls).

    Match the level of scrutiny to the sensitivity of the data involved. For your most sensitive data, accept nothing less than the highest security standards.

    For broader guidance on protecting your firm, visit our cybersecurity guide for professional services. And review the cybersecurity checklist to ensure your internal controls match the standards you expect from your vendors.