Network and data security are crucial to protecting your business, but you also have to think externally and keep track of what happens when you connect to a service provider or in situations where a contractor has to actually physically interact with your infrastructure. In those situations, you have to evaluate whether a provider’s security practices are up to your standards and make sure you have policies in place to monitor contractors inside your facility so they don’t purposefully or inadvertently infect or otherwise impact your business-critical internal systems.
Companies are outsourcing workloads to third-party service providers more than ever before in an effort to save money and gain agility. Even though there are benefits, it’s important to understand that you are essentially taking potentially business-critical workloads and moving them away from your data center, which has some inherent risk.
To overcome those risks, you can take three approaches, says James McCloskey, director, advisory services— security and risk at Info-Tech Research Group.