informa
/
Risk
Commentary

You're Secure. Now What About Your Vendors And Providers?

Having spent time and resources securing your own network, shouldn't you make sure that your customers, vendors, and providers have made the same effort?
Having spent time and resources securing your own network, shouldn't you make sure that your customers, vendors, and providers have made the same effort?A good piece on Dark Reading about security mistakes in the Cloud got me thinking about something we should all be thinking about: How secure are the services and businesses (both vendors and customers) that we connect to?

As Kelly Jackson Higgins points out in the Dark Reading piece, insistence upon thorough, probably third-party security verification for your providers is not just sound business policy, it is, I believe, an obligation and a responsibility.

And speaking of business, digital security and security practices aren't the only concerns you should raising: How solid and sound are your providers and vendors as businesses? How prepared are you to maintain operations without missing a step if your primary provider stumbles and falls?

More than that: What is your business's legal exposure if your provider or Cloud-based service suffers a data breach? And what is your recourse in the event of such a compromise?

Kelly's piece is focused on the Cloud, but the questions raised apply to every business you're connected to and dependent on, and if you haven't asked them of each of those, and of each you are considering you should, and soon.

Recommended Reading:
Editors' Choice
Kirsten Powell, Senior Manager for Security & Risk Management at Adobe
Joshua Goldfarb, Director of Product Management at F5