You’re way ahead of the game, right? After all, your company has established policies and procedures mandating how to handle internal and third-party confidential data. You’ve kept track of all regulatory changes and updated your policies accordingly. You require encryption, strong passwords and the use of firewalls. You conduct regular training sessions with your employees and using the latest front-page stories of data breaches and their resultant business interruptions, lawsuits, fines and reputational damage you have sufficiently terrified your employees into compliance. But have you thought of everything? Not if your risk management plan doesn’t include vendor-supplied software and applications.
It probably would be difficult for many businesses even to count the number of vendors from whom they have purchased software, but the number is usually in the hundreds. For very large enterprises, the number can be in excess of 20,000. Software is used for everything from payroll, accounting, email, human resources, records and document management. Approximately 65 percent of enterprise applications are sourced externally, and 70 percent of applications developed in-house contain components licensed from vendors. Unfortunately, as noted in PwC’s 2012 Security Report, up to 80 percent of vendor-supplied software and applications fail basic tests for security compliance.
This content has been archived. It is available through our partners, LexisNexis® and Bloomberg Law.
To view this content, please continue to their sites.
Not a Lexis Subscriber?
Subscribe Now
Not a Bloomberg Law Subscriber?
Subscribe Now
LexisNexis® and Bloomberg Law are third party online distributors of the broad collection of current and archived versions of ALM's legal news publications. LexisNexis® and Bloomberg Law customers are able to access and use ALM's content, including content from the National Law Journal, The American Lawyer, Legaltech News, The New York Law Journal, and Corporate Counsel, as well as other sources of legal information.
For questions call 1-877-256-2472 or contact us at [email protected]
