Category : Audits , Bankruptcy , Business , Computer Forensics , Cyber Attackers , Cyber Attacks , Cyber Crime , Cyber Security , Data , Data Backup , Data Breach , Data Breaches , Data Management , Data Security , Employee Information , Hack , Hackers , Hacking , Internal Security , Network , Network Security , Security , Security Vulnerabilities , Third Party Vendors
Dear Blast Readers,
Does your company use third-party vendors? Do those vendors make data security a priority? Does your company allow third-party vendors to access your companies network?
Third-party vendors are companies that offer services that the primary company can not support. It is considered a business necessity with most companies to outsource data management, activity processing, and storage to third-party vendors. But, did you know putting your company’s data into the hands of third-party vendors puts your data at risk of being breached?
It is common for hackers to try and use third-party vendors to gain access to a business’s data. Yes, businesses may have their own cyber security protocols in place, but access must be given to third-party vendors. When access to a business’s network spans out to a third-party, this is when possible network security vulnerabilities are created.
All businesses are responsible for the data that they collect, transmit, use and process, and they are still responsible for that data even when the data is entrusted to a third party.
If a third-party vendor gets hacked the consequences for your business varies, depending on the seriousness of the hack. A less serious hack can cause your business to lose vital data, and confidential employee information can be compromised. If the hack is a serious hack there are a few things that can happen, ranging from intense media attention to bankruptcy.
Outsourced contractors are often the primary targets of data breaches. So, it is important for the third-party vendors to takes data security seriously. But, how can you be sure if a third-party vendor is a security-conscious vendor? Some signs that a third-party vendor is security-conscious are:
- The vendors have comprehensive security policies & disaster recovery plans in place and are updated and reviewed regularly.
- Data Back-ups and recoveries are performed regularly. In case of hardware failure, the vendor has back-up servers to avoid interruptions.
- Internal security audits are performed regularly.
- Employees that have access to company data are vetted carefully (thorough background checks are performed).
But, as important as it is to make sure that the third-party vendors take data security seriously. It is also just as important to make sure that the data is secure on your end. To do that it is important to:
- Have a strong internal security policy.
- Know what data is sensitive & where it is located on your system. Never give one person access to more than one portion of your sensitive data.
- Know your responsibilities and rights, as well at know those of your providers.
Another important aspect of a data breach is the reporting requirements. Reporting requirements differ depending upon the state in which the breach occurs. Additionally, if a breach involves information of clients across state or country lines, other reporting requirements will come into effect. It is vital to know your state’s cyber security breach reporting requirements.
If you have any questions about Data Breaches, Cyber Security, Computer Forensics, or Reporting requirements contact FDS Global. You can reach us at our office at (954)727-1957 or by email at RMoody@FDS.Global. Please feel free to visit our website at www.FDS.Global.