When parents seek out a nanny or baby sitter to care for their children while they are out of the house, surely they go through all reasonable measures to ensure their kids are in the best hands possible. And once they settle on a caretaker, responsible parents will regularly check in to make sure their hired helpers are properly performing the job at hand.
Considering the proliferation and sheer value of information today, perhaps businesses should look at their data with the same loving mind as a mother would her child. That means, ensure the people contracted to maintain that data are properly doing their job because if they aren’t, the organisation is the one responsible for explaining what happened to its customers. Customers will not make the distinction between a business and its partner.
Easier said then done, I admit. After all, remember “The Hand that Rocks the Cradle?”
I am again reminded of this need for organisations to deeply scrutinise their contractors - especially the ones handling their data.
To best offer advice, I will pull an excerpt from a story I wrote last summer.
When a company’s critical data is in the hands of a service provider, the hope is that vendor has security controls “at least matching” what the organisation is running internally, says Arabella Hallawell, a Gartner analyst who specialises in outsourcing.
But the only way to assure such safeguards is through well-crafted service-level agreements (SLA), experts say.
“Most organisations, at least in the past, haven’t viewed security as important evaluation criteria,” Hallawell says. “I think the onus is very much on the company to negotiate and ask. If you don’t ask, you’ll get very vague security controls in place.”
Know thy partner
By Dan Kaplan on Jun 27, 2007 1:55PM