5 Ways Assessing Your Vendor’s Security Can Protect Your Business

As a small business owner, you most likely work with many other companies to provide your customer with the best service possible. Those vendors could take care of your printers, HVAC, cleaning or HR. It’s a smart choice for an SMB owner because it takes time of your staff’s hands since many staff members are already wearing many hats. When your vendors do their job, sometimes they will have to touch sensitive data or devices on your network. When that happens, can you say with 100% confidence that they are following the security protocols you find so important? Are they securing their databases? Do they have a backup in place in case of disasters?

In 2013, Target suffered a data breach due to one of their vendors. Being a big box retail company, Target had a large number of vendors. Whether they screened their cybersecurity process is unknown. However, what is known is the HVAC company Target was working with was the source of the data breach. How could an HVAC company infect a company as big as Target? All it takes is going with cheap solutions for security, like free antivirus, and an untrained employee that falls for a malware-laced email phishing attack.

How Assessing Your Vendor’s Security Can Protect Your Business

  1. Protects You and Your Vendors: When you assess a vendor’s security, you are doing them and yourself a favor. Knowing what security measures are set in place lets you know how they handle sensitive information. Doing this assessment helps build trust between both companies. It does so by showing how dedicated a company is to their customers. If a vendor truly values customers and your relationship, they won’t put your data on the line.
  2. Prevents Bad Publicity: When you suffer a data breach, you could end up in the spotlight and not in the way you would like! No matter how the data breach happened, the public will point at you for letting down the customers. And if the data breach was due to a vendor, it was your choice to use them in the end which makes the data breach your responsibility.
  3. Avoid Costly Lawsuits: Lawsuits could happen as well. You could receive class action lawsuits from customers for damages to their name/privacy or you could receive lawsuits from organizations for breaching data security protocols. Many businesses are held to a certain standard when it comes to data security.
  4. Prevents Brand Damage: Brand is something you can’t put a hard value on. When you suffer a data breach, the bad publicity will inevitably hurt your brand as well. This is considered a soft cost due to data breaches. You can’t tell how many people will associate the incident with your brand and never do business with you again.
  5. Protects the Customers: Assessing a vendor’s security also helps protects all customers, yours and theirs. Customer retention is extremely important because we all know how much money it takes to gain new customers. You want to keep their trust and business. Taking care of their sensitive data will help with that!

How to Get a Vendor to Agree to an Assessment

Now, you may be thinking, is asking for a vendor to do an assessment too much? If you gain resistance, you should be wary as to why there is resistance in the first place! Imagine if you wanted to do a home inspection before investing in a house. However, the seller doesn’t like the idea. Makes you second guess buying that house, doesn’t it?

There are several ways you can go about doing an assessment. First, you need to choose a company. Your trusted IT service provider can always help. If you don’t have an IT service provider, it’s good for you to choose a 3rd party. If you let a vendor choose, there could be cases of fake assessments being conducted.

Next is figuring out who pays for the assessment. This depends on who has leverage in the negotiation phase of the contract. If you have leverage, there is no problem asking for the vendor to pay for the assessment. If you don’t have leverage, you can ask to go half-way or even pay for the assessment yourself. This shows that it is not a jab at them, but a good-willed offering to protect your and your customers’ data.

Are you ready to secure you data and customers’ privacy? Contact BDS today to find out more ways you and your vendors can remain secure from cybersecurity threats. Call us at 913-239-0368 to book your consultation today!

Leave a Reply

Your email address will not be published. Required fields are marked *