Get Started Today!  (415) 295-4898

croom new

415 IT Blog

Companies Need to Keep Their Vendors’ Security In Mind

Companies Need to Keep Their Vendors’ Security In Mind

Data breaches have a tendency to destabilize relationships. With so many data-related problems befalling businesses nowadays, it is important that each side of every data-driven relationship understands their role in the protection of other organizations’ data. Today, we’ll take a look at the issue and how to determine if your partners are putting in the effort required to keep your data secure. 

Are Your Vendors Properly Protecting Your Information?

We’ve seen businesses have a litany of challenges protecting their sensitive data over the past several years, and as threats get more sophisticated it poses more problems. Additionally, many businesses outsource a fair amount of their operational and support efforts and that can have a negative effect on their security. 

So, how do you know that your vendors are protecting your information?

You ask them, of course. 

Before you onboard any new vendor, you should come up with a questionnaire that asks the right questions about how they handle their own cybersecurity, and more specifically (and importantly) how they go about handling your information. 

At 415 IT, we do this for all of our clients to ensure that they are partnering with reliable companies that, at the very least, are attempting to do the right things to protect sensitive information. 

Questions You Should Ask Your Vendors

The first thing you should consider when making up some questions to ask your vendors about security is: do you understand the answers? If you don’t know what you are doing, you could just assume any thoughtfully answered response would be sufficient. This is far from true and is a liability, especially in trying to ascertain what risk your business is facing by doing business with a company. We can’t stress enough that if you don’t have someone that knows what they are doing, you need to find someone, as this will serve you much better in times like this.

Let’s go through a couple of important questions you should ask if you do have the competence available to sufficiently measure risk from the answers:

  1. Do you collect, store, or transmit personally identifiable information (PII)?
  2. If so, do you store your PII onsite or in the cloud?
  3. How do you provide users access to the PII you store?
  4. Can PII be accessed remotely?
  5. Do you constantly monitor all services, systems, and networks?
  6. What regulatory bodies does your business operate under? Do you have proof of compliance?
  7. What kind of encryption do you use for data-at-rest? Data-in-transit?
  8. Do you consistently patch your software? 
  9. Do you have mobile device management and IoT management systems?
  10. Do you utilize legacy systems that aren’t supported by manufacturers?
  11. What cybersecurity tools do you use?
  12. Do you have language in your agreements about vendor cybersecurity? 
  13. How are your continuity systems?
  14. How would you go about the situation in the event of a data breach?
  15. What authentication procedures do you use? 
  16. Do you train your employees on the best practices of cybersecurity?

There are many more questions you can ask, and you should ask them if you find them necessary. Vetting your vendors is a great way to know if they have your best interests in mind. 

If you would like to partner with a company that not only has your best interests in mind, but also can help you ascertain if your other partners do as well, give 415 IT a call at (415) 295-4898 today.

Tip of the Week: The ABCs of Windows Shortcuts
Voice over Internet Protocol is a Solid Business T...


No comments made yet. Be the first to submit a comment
Already Registered? Login Here
Friday, May 07 2021

Captcha Image

By accepting you will be accessing a service provided by a third-party external to

Mobile? Grab this Article

QR Code

Tag Cloud

Security Tip of the Week Technology Productivity Best Practices Business Computing IT Support Data Data Backup Network Security Privacy Cloud Hosted Solutions Internet IT Services Data Recovery Software Business Efficiency Email Managed IT Services Google User Tips Mobile Device Small Business Innovation Malware Hackers Phishing Collaboration Hardware Cybersecurity Outsourced IT Communication Business Management Android Computer Cloud Computing Upgrade Smartphone Workplace Tips Managed Service Backup Quick Tips Tech Term VoIp Mobile Devices Microsoft Disaster Recovery Windows 10 Business Continuity Smartphones Covid-19 Communications Ransomware Paperless Office Users Saving Money Managed Service Provider Remote Work Passwords Network Encryption Browser Remote Monitoring Data Management Artificial Intelligence Internet of Things Wi-Fi Office 365 Server Business Technology BDR Managed IT Windows Social Media Help Desk Compliance Windows 7 Save Money Microsoft Office Healthcare Holiday Government Document Management Vulnerability Scam Health Automation Remote Applications Blockchain Managed Services Employer-Employee Relationship Virtualization Facebook Data Security Chrome Miscellaneous Managed IT services Laptops Two-factor Authentication Redundancy BYOD Vendor Management Gadgets Wireless Avoiding Downtime Infrastructure Antivirus Information Machine Learning Meetings Processor Project Management Analytics Office Mobile Office Bandwidth Tip of the week IoT Regulations Employee-Employer Relationship Maintenance VPN Hard Drive Information Technology IT Management Networking Apps OneDrive Storage Customer Relationship Management Training Router HIPAA Software as a Service Net Neutrality RMM Files Access Control Virtual Private Network Proactive Time Management Website Remote Worker Company Culture WiFi Data Loss Mobility Flexibility Instant Messaging Mobile Security Consulting Downtime Alert Voice over Internet Protocol Unified Communications Payment Cards Management Server Management Holidays Co-Managed IT Display File Sharing Customer Service Managed Services Provider Spam Assessment The Internet of Things Remote Workers Gmail Risk Management Cooperation Professional Services Search Money Utility Computing Network Management Bring Your Own Device Consultation Conferencing Vendor Remote Computing Free Resource Tablet Data Storage Internet Exlporer Monitoring Big Data Mobile Dark Web Augmented Reality Word Password Smart Devices Recycling Images 101 Smart Technology Remote Monitoring and Management Patch Management Data Breach Social Network Computing Financial Operating System Unified Threat Management Employees File Management Electronic Health Records User Management Techology Recovery Content Filtering Technology Tips Proactive Maintenance Solid State Drive Managing Stress Bluetooth Shadow IT Vendors Data Warehousing Projects Nanotechnology Wires Legislation Solid State Drives Chatbots Innovations Distributed Denial of Service Bookmarks ROI Outsource IT Fleet Tracking Zero-Day Threat Value of Managed Services Mirgation Technology Laws Hacker Specifications Cyberattacks Social PowerPoint Mobile Computing Operations Teamwork Outlook Wearable Technology Disaster Resistance Star Wars Digital Payment Hotspot Mobile Device Management Cybercrime Cyber security Emergency Multi-Factor Security Enterprise Content Management Outsourcing Return on Investment App Peripheral Options Telephone Identity Theft Printer Enterprise Resource Planning Websites IT YouTube Managed IT Service Favorites Geography Laptop Asset Tracking Backup and Disaster Recovery Unified Threat Management Cache Optimization CES Black Friday Read Only Security Cameras Video Conferencing MSP Finance Shared resources Going Green Shortcut Proactive IT Banking Mouse Language Point of Sale Tech Terms Database Management Social Networking Settings Personal Information Screen Reader PCI DSS 5G Mobile VoIP Identity SaaS Business Telephone Videos Break Fix Modem High-Speed Internet Remote Working Permissions Human Error Manufacturing Virtual Machines Cyber Monday Staff Printing Virtual Assistant Bitcoin Lenovo Biometric Microsoft Excel Authentication Batteries Tech Support IT Consulting Reviews Computing Infrastructure E-Commerce Theft GDPR Samsung Touchscreen G Suite Hacking Transportation Active Directory Smart Tech Electronic Medical Records Wireless Internet SharePoint IT Assessment Media Superfish Development Budget Google Calendar Fraud OneNote Permission Mail Merge User Error Heating/Cooling Credit Cards Wasting Time Current Events Gamification Authorization CIO applications IT Technicians Cost Management End of Support Alerts Features Motherboard Chromebook Trending Politics Windows Server Connectivity CRM Travel Employer/Employee Relationships Apple Downloads Statistics Digitize Ergonomics Virtual Reality Cookies Cables How To Test Hard Disk Drives Sensors Address Migration eWaste Servers Computers Customer Relationships Firewall Private Cloud Database WPA3 Windows Server 2008 Gifts Comparison Licensing Procurement Notes Vulnerabilities Regulation Students Daniel Stevens Marketing Printers Education CEO Twitter

Latest Blog

Windows has no shortage of capabilities to offer its users, with many of these tools coming with an associated Windows shortcut. Since keeping track of all of them can be a challenge, we wanted to assemble a list of most of them for you. This blog will serve as that list, so...

Latest News

We are proud to announce that 415 IT and our CEO, Daniel Stevens, were recently featured by CIO Applications. We discussed how and why we serve our clients, as well as some sneak peeks for our future. Read our interview by visiting:  https:...