535 Connecticut Ave. Suite 104
Norwalk, CT 06854
Empire State Building
350 Fifth Avenue, 59th fl.
New York City, NY 10118

Featured Article

October 20, 2015

Working With Vendors? Don't Get Blindsided by a Data Breach

By now you’re most likely familiar with the high-profile data breach surrounding Experian’s T-Mobile account, which exposed the sensitive information of about 15 million of the mobile company’s customers.

It was an ugly security incident, especially when considering that Experian is one of the largest credit services in the world and, therefore, a company that you would expect to have made digital security a top priority.

Unfortunately, following the breach, KrebsOnSecurity posted an interesting article detailing the multitude of problems at Experian that may have contributed to the breach. What’s apparent, based on Krebs’ interviews with former security officials at Experian, is that there was a big disconnect between Experian’s board of directors and the security policies being promoted across the enterprise.

“What the board of directors at Experian wanted security-wise and the security capabilities on the ground were two completely different things,” former CIO at Experian Jasun Tate was quoted in the article as saying. “Senior leadership there said they were pursuing a very aggressive growth-by-acquisition campaign. The acquisition team would have a very strict protocol on how they assess whether a business may be viable to buy, but the subsequent integration of the business into our core security architecture was just a black box of magic in terms of how it was to be implemented. And I’m not saying successful magic at all.”

The article goes on to explain how the company’s board was completely in the dark about the security policies of its individual business units.

Here’s why your business should take note of this report:

If an invasive attack like this could happen at a company like Experian, it could easily happen to your business if you’re not prepared. The Experian data breach is a clear reminder that it’s very easy to lose control over your organization’s digital security endpoints if you’re not vigilant.

Communication and transparency are both critical components of a healthy digital security environment. Take these staples away and the risks multiply.

You may be wondering: How is it possible for a large enterprise to look after its various endpoints when there are so many? It’s true that this can be a very difficult task, especially for a busy IT department.

The answer is by outsourcing to a managed services provider (MSP), which will provide the constant oversight and necessary communication to enforce security polices across all endpoints within the enterprise. An MSP can manage all parties involved, from corporate end users to third-party companies that provide niche services for the organization and have direct access to the corporate network.

What’s more, by outsourcing your cybersecurity needs to an MSP, you can solve another major problem that businesses often face in the IT department: turnover. The KrebsOnSecurity article, for instance, points out the large number of employees who have left the company for less frustrating roles and who value and respect strong digital security policies. Your top security advisors will gain a strong asset in an MSP–one they can rely on to ensure the corporation’s security needs are being met at all times.







Related Articles