Data breaches are all over the news all the time. When was the last time you swiped your credit card and didn’t wonder whether this would be the time that your information would get stolen? Fast food restaurants and major retailers seem to be especially vulnerable to this type of cyber-assault, but what about these businesses makes them an easy target?
Aside from the fact hackers stand to gain larger quantities of information from huge corporations, the way they gain access has one big thing in common- third parties. The majority of data breaches – 63% – are caused by third party vendors.
It’s crucial if you have a business of any size to ensure the third parties with which you are contracting are taking all the necessary precautions, because the cost in dollars and reputation for cleaning up data breaches will fall on you.
According to Digital Guardian, “This trend isn’t new by any means. Recent years have seenmany examples of data breaches and other cybercrime being carried out via third-party compromises. High profile examples in 2015 included the PNI Photo hack that led to compromises of online photo services at CVS, Costco, Sam’s Club and more, as well as thedata breach at Medical Informatics Engineering, provider of EHR software NoMoreClipboard, which made off with data on a targeted group of MIE clients.
“So what can be done to defend against these attacks?” continues the article. “For one, companies must change the way they view security. As evidenced by many of these attacks, information security is no longer an internal effort, but instead must be accounted for throughout a company’s entire business network – up and down the supply chain.
Any entity that a company does business with can make them vulnerable, and as a result companies must make security a top criterion when choosing the partners and suppliers with which they’ll do business. Where business relationships exist, security should be a collaborative effort between all stakeholders as much as possible.
Rather than each member of your supply chain have disparate security programs that could lead to gaps in protection, businesses should collaborate to develop a coordinated security effort across all of their individual environments.”
Whether you are contracting with a credit card processing company to run your customer transactions or with a billing company to send bills to medical patients, you MUST ensure that your customers’ data is handled properly. The only way to make that happen is to ensure you are doing business with reputable third parties that are certified to handle the work they are contracted to do. Learn more about preventing third party data breaches from this infographic.