Maybe you are thinking "Why are you poking at business partners before looking at your own network?" Maybe that seems unfair or hypocritical.
Here's my logic- first, there are plenty of resources for helping to secure your systems (and I hope to add to them later), but not many that look outside- and almost none that apply to the small guy checking up on the big guys. Also, we pay some of the partners- franchisors, vendors and others- and that gives us the right to hold them accountable. We're the little guy, we are often required to use their systems, we can't opt out and still do business. These are their systems and it is their responsibility to secure them.
It is our responsibility to protect our systems and our interests. To me, that includes holding our partners accountable.