For startups and smaller businesses, when it comes to partnering or merging with larger companies, they can’t assume that a partner has taken care of all things security or that their “one size fits all” approach will not over scope your security compliance burden.