Can you Afford a Third-Party Data Breach?

Can you Afford a Third-Party Data Breach?

The lowdown on keeping your data secure: Select Restaurants and PG&E 

The past few years have been filled with data breaches, cyberattacks, and unauthorized access. With all of these cyberattacks happening, it makes it feel like a new company falls victim each day.

In 2017, Select Restaurants left customers’ sensitive information – including name, card number, expiration date, and CVV– on the table. The company, which manages 12 seafood restaurants across the US, was alerted to the hack by their point of sale (POS) vendor. Further investigation showed a data breach across all of the restaurant locations, stemming from a third-party network intrusion.

Earlier this year an unnamed utility company was fined $2.7 million for leaving 30,000 records about its information security assets exposed online for 70 days back in 2016. Just this week, it was released that this company was Pacific Gas & Electric Company (PG&E). According to Data Breach Today, this breach happened after a third-party contractor had improperly copied data from the utility network to their own network.

Are you next?

These events highlight the multitude of data breaches that occur every day (remember Tesla, Ford, and Ticketmaster), which leads us to ask this question– how secure is your data, especially when it comes to your third-party vendor access?

Have you considered the consequences of becoming susceptible to a data breach or ransomware attack? In a Ponemon Institute and IBM study, they reviewed the current Cost of a Data Breach. After a 10-month process of interviewing 1,500 people across 383 companies around the globe, the report concluded that the average cost of a data breach is $4 million, which is up 29% since 2013.

Discover how the high cost of a data breach impacts your bottom line by downloading our ROI Kits. Uncover the benefits of implementing a secure third-party remote access platform by downloading our ROI Kit for Enterprises. For technology vendors, download your ROI Kit for Technology Vendors to discover the benefits of using a secure third-party remote access platform.

Three ways to keep your data secure:

• Evaluate your vendors: Just one unregulated third-party could allow a hacker access to your entire network. It is important to be selective when choosing your vendors.
  1. Determine what data each of your vendors needs access to.
  2. Confirm that the internal assessments and controls of your vendors align with your organization’s assessments and controls.
  3. Confirm that your vendors have strong security policies and procedures in place to ensure your company is in compliance with the latest regulatory requirements.
• Enforce strong reporting and auditing: To ensure visibility of your vendors’ actions, regular security audits and in-depth report logs are imperative. It is important to monitor the “who/what/when/where” of every individual accessing your network. By monitoring and tracking all movements on your network, you’ll be able to detect vulnerabilities and weaknesses immediately – and address them swiftly.
• Ensure powerful controls: By analyzing your vendors’ security protocols, you can make sure your company’s security requirements are being met. Ensuring you have granular levels of control over the degree of access you grant each of your vendors – and what data specific individuals can see on your network – will help keep your data secure. Gaining complete control of your vendors’ access will minimize your exposure to third-party data breaches.

With a 26% chance of a data breach occurring over the next 24 months, can you afford to take that risk? Securing all third-party access to your company’s network will keep your data secure and ensure you avoid the associated financial, reputational, and regulatory risks.

About SecureLink

Our sole focus is secure third-party remote access. For highly regulated enterprise organizations, SecureLink Enterprise has pioneered a secure remote access platform. SecureLink for enterprise allows an organization to identify, control, and audit third-party vendors. For vendors, SecureLink is the gold standard remote access support platform because it is easy, efficient, and ensures compliance and reduces liability when supporting customers.