laurencem

By: laurencem on July 6th, 2018

Print/Save as PDF

3 Ways to Protect Confidential Data From Contractor Mistakes

Cybersecurity

When hackers breached the network of retail giant Target and accessed the records of 70 million customers—including names, addresses, phone numbers, and credit card numbers—investigators discovered that a contractor was to blame. The criminals had stolen network credentials from an HVAC subcontractor that had worked at several Target locations. Thieves used those credentials to open a $162 million data breach. Last year alone, 3.4 billion records were exposed in data breaches. To protect your business computer network from a similar attack, managed IT service providers recommend taking three important steps.

secured against data breach

1. Ask the right questions.

person asking questionsBefore you give a contractor access to sensitive customer information, ask detailed questions about how the contractor will keep that information secure. If you aren't sure what steps should be taken, consult with a managed IT service provider for security recommendations.

2. Draft a written data security agreement.

drafted contractWhen it comes to something as important as your security, don't rely on a verbal agreement. Put your expectations in writing. Create a security contract that both parties can agree to. Spell out your specific requirements for firewalls, data encryption, system logs, and other security measures. Be sure to include a provision requiring the contractor to notify you immediately if sensitive data becomes exposed.

3. Trust, but verify.

Verified informationThere's only one way to be sure that a contractor is honoring your security agreement: check to make sure. Don't just take their word for it. Test to make sure that your security expectations are being met. Remember, if a data breach occurs, and sensitive information is exposed, your business is ultimately responsible.

Don't let hackers break into your business computer network.

Intelligent Technical Solutions is a managed IT service provider focused on protecting your business against hackers, ransomware, and other cyber threats. To begin your free cybersecurity audit, contact ITS today.New call-to-action