Basket £ 0.00 (0 items)
You are here: HomeArticle › Reports find high security risks among policies for third-party vendors

Reports find high security risks among policies for third-party vendors

From SC Magazine

"Two recent reports highlight the security and privacy threats posed by third-party vendors. The reports examine companies' procedures for handling third-party vendor permissions and the ability of companies to track these vendors' activities.

One of the reports, which surveyed IT and security professionals in the US, UK, Germany and France, found that more than two-thirds (69%) of organisations surveyed said they may have been breached in the last year as a result of vendor access. The Vendor Vulnerability report, conducted by the remote desktop company Bomgar, found that companies have, on average, 89 vendors accessing their network every week.

Many organisations do not possess reliable information about the vendors accessing their internal systems. According to the survey, just 35% of the decision makers surveyed were ‘very confident’ that they knew how many vendors have access to their systems. A similar percentage of the participants (34%) expressed confidence in the number of log-ins that vendors possess.

The survey also found a high percentage of companies that provide nearly full access to their third-party vendors. According to the study, 44% of the professionals said their companies do not employ gradations of permission settings for vendors and instead use an ‘on/off approach’ to access.”

Read more at SC Magazine


NCC Weekly News Update 12 April 2016 

 

Contact

For more information about The National Computing Centre and our services, please contact us at the details below:

Email: info@ncc.co.uk
Telephone: +44 (0)870 908 8767
Fax: +44 (0)870 134 0931

Click here for more contact information


TwitterFollow us on Twitter
Linked InJoin our LinkedIn Group
FBLike us on Facebook

 

Management Guidelines

NCC Guidelines Vol 5 No 1

more in Management Guidelines

 

Professional Development

Cloud Computing

more in Professional Development

 

Analyst Digest

September 2016 Bulletin published

more in Analyst Digest