According to the 2013 Trustwave Global Security Report, based on 450 global data breach investigations, two thirds of breaches were linked to third-party IT system components.
Organisations can be too quick to base IT purchasing decisions on cost, particularly when considering outsourced solutions.
Organisations need to be aware of what business and security risks may be introduced and should definitely include security considerations, as part and parcel of their procurement process.
There are a variety of considerations with regards to IT and security management decisions, generally, the person responsible for IT security within an organisation is not involved at the point of making purchasing decisions.
Organisations at most risk are those that are not diligent enough at the point of purchase.
Organisations need to ensure that their preferred supplier will treat security at the same high priority level as themselves, it should not be taken for granted that the preferred supplier will do so.
Also, purchasing decisions focus heavily on cost and SLAs, security really also needs to be a consideration.
Organisations would truly benefit from having the person responsible for IT security included within the purchasing process. This would at least ensure some measure of security that is appropriate to the needs of the organisation, is encompassed within the proposed solution.
The Trustwave report recommends that smaller organisations should look for third-party verification that their chosen service providers are trustworthy and knowledgeable about security measures.
Organisations need to ensure that their preferred supplier will treat security at the same high priority level as themselves, it should not be taken for granted that the preferred supplier will do so.
Also, purchasing decisions focus heavily on cost and SLAs, security really also needs to be a consideration.
Organisations would truly benefit from having the person responsible for IT security included within the purchasing process. This would at least ensure some measure of security that is appropriate to the needs of the organisation, is encompassed within the proposed solution.
The Trustwave report recommends that smaller organisations should look for third-party verification that their chosen service providers are trustworthy and knowledgeable about security measures.
StyleTech Solutions are a Hull based organisation that specialise in
"Bespoke Software Development".
No comments:
Post a Comment