Protecting Sensitive Information
.docx
keyboard_arrow_up
School
American Public University *
*We aren’t endorsed by this school
Course
202
Subject
Information Systems
Date
Feb 20, 2024
Type
docx
Pages
5
Uploaded by courtneyhanley2
PROTECTING SENSITIVE INFORMATION
1
Protecting Sensitive Information with Third-Party Vendors
Courtney B. Hanley
American Public University
BUSN202: Leading in the Technology Age
Dr. Doris Blanton
October 8, 2023
PROTECTING SENSITIVE INFORMATION
2
Protecting Sensitive Information with Third-Party Vendors
One of a business leader’s main focus should be protecting sensitive information that is handled and stored by third-party vendors. Different companies keep different amounts of private
information on their customers, and some even use third-party vendors to house and keep track of this data. Most of this information can be confidential or sensitive information they wouldn’t want to be exposed if there were a security breach. This is why protecting sensitive information is such a high priority. Business leaders can take a number of steps to make sure that this information is safe and secure with their third-party vendors. These steps include to identify and prioritize confidential information, keep only the information that is needed, monitor and enforce
the security of this information, and also plan for the future. By taking these steps, companies and clients alike can feel confident that their information is being held in the most secure and professional way as possible. Identify and Prioritize Confidential Information
Not all data stored with third-party vendors will be confidential information. The first step in making sure this type of information is secure is to identify and prioritize confidential information. For example, you should know exactly where this information is being stored and which vendors have access to which information. Companies should keep detailed records of where this information is being stored for unforeseen circumstances such as a data breach within one of the companies. Confidential information that may be stored within these systems could include things like names, social security numbers, credit card numbers, and other information that could possibly identify employees and customers (Federal Trade Commission, 2016).
PROTECTING SENSITIVE INFORMATION
3
Only Keep What You Need
Businesses do not need to keep files or information that is not necessary to keep. Something to think about is you do not need to collect information that will not be used. For example, a customer could pay an invoice with their credit card, but this doesn’t mean that you need to keep this information on file. The less information you collect, the less you need to keep. The less you
need to keep, the less confidential information you have on file. The only information you need to keep is what is essential to your business and only keep it for as long as it is necessary, or for as long as the law requires you to keep records (Federal Trade Commission, 2016). Monitor and Enforce Policies. Third-party companies shouldn’t be accessing your companies’ information without monitoring. The act of monitoring and enforcing policies is an extremely important part of customer protection. Companies need to have strict policies on how their information is being stored and distributed. Quarterly check-ins with these companies can help you stay one step ahead of issues. Document Incident Response Plans include exact steps the company should take if there were to be a data breach (Author, 2023). If the company is violating the Document Incident Report Plan you have made, you must enforce the policies in place for these types of violations. This helps to keep everyone accountable and confidential information as secure as possible. Through things like monitoring systems and employee training, it eliminates vulnerabilities (Vidius, Inc., 2004).
Plan for the future. The ability to look to and plan for the future is essential for any business. The way you plan for the future can have a serious impact on the success of the business. A step-by-step plan, keeping your employees and vendors up to date on training, and so
much more can help in the event of a security breach. Consider who you would need to notify if
Your preview ends here
Eager to read complete document? Join bartleby learn and gain access to the full version
- Access to all documents
- Unlimited textbook solutions
- 24/7 expert homework help