The third party or business partner could perform security up to or even beyond your standards, but there’s always the possibility for negligence. If there’s even the slightest concern that a third party is being careless with the security of your organization’s data, you should act immediately.
Before giving your data to a third party or business partner, there should be a thorough review of the partner and how it performs security. This can include security questionnaires, on-site visits, audits of the third party’s environment and a review of its regulatory certifications. Vendor management has become one of the largest areas of concern when it comes to data governance, and it’s a growing risk if due diligence isn’t done upfront. Read more of my article at the link below:
This is a Security Bloggers Network syndicated blog post authored by Matthew Pascucci. Read the original post at: Frontline Sentinel