DATAMARK white paper offers guidance in an era of increasing cyber threats
Every year, it seems information security incidents get bigger and costlier for companies and their customers.
2016 was no exception.
This past year, cybercriminals perpetrated headline-making attacks that resulted in website shut-downs and theft of personal information. They included the massive DDoS attack in October on DNS hosting provider Dyn that disrupted a number of popular sites, including PayPal, Twitter and Netflix.
In February, hackers compromised a U.S. Dept. of Justice database of personal information of tens of thousands of Homeland Security and FBI employees.
And Yahoo got hit with what has been described as the biggest data breach in history: The company revealed in December that tens of millions of its customers’ accounts had been compromised.
It’s hard enough for organizations to secure information within its own networks and servers, so consider the challenges companies face when data is shared with third parties, as is the case when outsourcing business processes to service providers.
CIOs and chief information security officers (CISOs) have the power to drive cybersecurity strategies and policies to protect customer data and proprietary information used in internal business processes.
But what happens when the process is handed off to a business process outsourcing (BPO) provider? Where does one begin to ensure that company information remains secure during and after the transition to a BPO provider?
This issue is the topic of “Addressing BPO Information Security: A Three-Front Approach,” a new white paper now available for download from DATAMARK.
The paper examines best practices and considerations regarding the three vanguards at the forefront of data protection: facility security, human resources security and network security.
In addition to a high-level review of current information security best practices for BPO providers, the document offers an extensive checklist of questions clients can ask to learn more about a provider’s strategies, policies, controls and tools for delivering information security.