10 Best Practices for Sharing Sensitive Information with Vendors

Email     |     Share  
1 | 2 | 3 | 4 | 5 | 6 | 7 | 8 | 9 | 10 | 11 | 12 | 13
Next Next

Don't Create Generic Security Expectations

Don't create a generic expectation for security. You've probably heard of companies requiring their vendors to provide an "adequate" level of security. This is not a good practice, because "adequate" can be interpreted many different ways. You have to be clear about expectations in regard to security if you want to decrease your chances of third-party security issues. Ideally, you should cite an industry standard like ISO27001, NIST800-53, or the PCI data security standards.

Deloitte published a report recently, noting that "the market is currently underinvested in the area of vendor management, particularly when it comes to tools, methods and processes." This same report also noted that businesses are increasingly outsourcing functions. As vendors have become more important in the day-to-day functioning of businesses, companies need to ensure that their data is safe on these third-party networks.

For organizations that are just getting started with a formalized vendor risk management (VRM) program, BitSight Technologies has prepared a list of the do's and don'ts of sharing sensitive information with vendors.

 

Related Topics : Unisys, Stimulus Package, Security Breaches, Symantec, Electronic Surveillance

 
More Slideshows

Security117-190x128.jpg 5 Steps to Protect Executives from a Whale-Phishing Attack

Whaling is a type of spearphishing targeting "big fish" in an organization with access to sensitive, highly-valuable information. ...  More >>

Security116-190x128.jpg 5 Common Failures Companies Make Regarding Data Breaches

Five common failures companies make when preparing for, and responding to, a data breach, as well as guidance for companies on how they can tackle these issues. ...  More >>

Security115-290x195 Data-Centric Approach Starves Data-Hungry Cybercriminals

Incorporating security capabilities such as encryption, better control and management and a data security framework will help alleviate the burden breaches place on the organization and people's lives. ...  More >>

Subscribe to our Newsletters

Sign up now and get the best business technology insights direct to your inbox.