Make sure those vendors are securing their own computers and networks. For example, what if your accountant, who has all your financial data, loses his laptop? Or a vendor whose network is connected to yours gets hacked? The result: your business data and your customers’ personal information may end up in the wrong hands — putting your business and your customers at risk.
- Put it in writing
Include provisions for security in your vendor contracts, like a plan to evaluate and update security controls, since threats change. Make the security provisions that are critical to your company non-negotiable. - Verify compliance
Establish processes so you can confirm that vendors follow your rules. Don’t just take their word for it. - Make changes as needed
Cybersecurity threats change rapidly. Make sure your vendors keep their security up to date
See next post for What To Do…
Additional Information
https://www.ftc.gov/tips-advice/business-center/small-businesses/cybersecurity/vendor-security