How to Keep Enterprise Safe in an Outsourced World

  • Make a list of your third-party vendors. Decide which ones have the highest impact on your operations. Pay the closest attention to them.
  • Nail down who’s responsible for what. Contracts and service-level agreements are crucial. You need to be able to hold your vendors responsible. Be clear and explicit about what security practices you require them to follow.
  • Check up on your vendors. People get sloppy. Set up audits, annual training requirements, or some other process to increase the odds that your vendors stick to the practices you prescribe.
  • Monitor what they’re doing on your network. User activity monitoring can save you a lot of agony. Being able to watch a vendor’s activity on your network for anomalies is better than trusting them to catch their own slip-ups.
  • Have an incident response plan. Choose team members to be notified and respond in case of suspicious activity. You need to be able to cut off a threat on your end, not just wait for the vendor to fix it. Also line up a backup solution in case you need to stop using a vendor’s product on short notice.

Deika Elmi

I am a Security Risk Management Professional. One of my interests is also to help increase the number of women and BIPOC working in Cybersecurity.