Data security breaches

Why is this a risk?

When engaging suppliers, it is highly likely that some suppliers will obtain information about your company, products, pricing, employees or customers, and will store that information on their systems. The way suppliers store your information, the technology used to ensure it remains secure and confidential, and the way that information is exchanged with you all need to be closely assessed and managed. As many suppliers these days involve technology solutions - many of which are hosted solutions - there is a need to ensure that your suppliers take extra precautions.

 

Examples of where this risk could affect you

  • Your supplier provides a SaaS technology solution that hosts a technology platform containing your proprietary data

  • You have a supplier that is going to provide you with market intelligence and needs to access your customer information to conduct a comparative analysis

  • You engage a bookkeeping service in certain markets to help you account for transactions according to the local statutory accounts, and engagement requires you to provide your chart of accounts, invoices and transaction data to a supplier in an emerging market

 

What sort of suppliers could be engaged in this risk area?

The types of suppliers that are likely to hold your data could extend to:

  • Data warehousing, technology and SaaS software providers

  • HR and employee payment/salary processing

  • Accounting, legal and tax firms

 

How are these risks managed?

The risks of data security are normally managed through:

  • Ensuring that the data processor engages in best practices for data management and data security

  • Reviewing policies and procedures

  • Testing policies with intrusion attempts and other means to validate that they actually work

Previous Article
Business continuity
Business continuity

Understanding where potential exposure to supply interruption and the development of continuity plans can s...

Next Article
Intellectual property infringement
Intellectual property infringement

In many situations, your company will be sharing such intellectual property with your suppliers. Therefore,...