Could Your Business Partners Be Putting Your Organization at Risk?

To be successful in business, it makes sense to partner with other businesses who are experts in their field.  But before you outsource your critical business process to a third party, have you vetted that they are following cyber security best practices?  If you don’t, you are putting your organization at risk.

A recent SecureLink and Ponemon Institute study revealed the disconnect between an organization’s perceived third party access threat and the security measures it employs. The findings show that organizations are not taking the necessary steps to reduce third-party remote access risk and are exposing their networks to security and non-compliance risks. Of the 627 individuals interviewed by Ponemon, 44% of organizations have experienced a breach within the last 12 months, with 74% saying it was the result of giving too much privileged access to third parties.

Dr. Larry Ponemon, Chairman and Founder of Ponemon Institute, says that “Providing remote access to third parties without implementing the appropriate security safeguards is almost guaranteeing a security incident and a data breach involving sensitive and confidential information. It is important that organizations assess the security and privacy practices of the third parties that have access to their networks and ensure that they have just enough access to perform their designated responsibilities and nothing more.”

When it comes to third party partners, a cyber security best practice is to ensure partners only have enough access to do the job they were hired for.  Anything more could put your business at unnecessary risk.  You also need to be aware of your partner’s security and privacy practices, especially if the business relationship relies on the sharing of confidential data. The study also found that 54% of organizations are not monitoring the security and privacy practices of third parties that they share sensitive or confidential information with, which puts those companies at risk of not just a data breach, but of being out of compliance with regulations.

47% of the people surveyed said that they don’t have centralized control of their partner’s access due to the complexity of the relationships. Uzado can help by providing third party cyber security audits and by helping you ensure your partners only have access to what they need.  Contact us to learn more.