Rock LaManna11.01.16
Think of the places where your company data flows outside to your partners. If you do everything you can to protect information internally, you must also choose partners who will follow best practices for securing and handling sensitive data.
The first step is to conduct a background check on potential partners. Perform online research, check references, do a credit check if appropriate, and ask good questions to understand how knowledgeable a potential partner is about protecting data. For many situations, expect that the other party will submit a non-disclosure and/or non-circumvent agreement designed to protect that company. Have them sign your own NDA or modify the mutual agreement so that your specific information and interests are protected.
Here’s a list of partners who should have an impeccable track record for handling data.
● Mail service provider
● IT consultant
● CPA
● Equipment vendor
● Software provider
● Computer network installer
● Phone system installer
● Web storefront programmer
These companies should have an excellent company reputation, as they will have access to places where data is stored, even if it is secure:
● Landlords, leasing companies and their representatives
● Janitorial and building maintenance companies
● Waste disposal and recycling companies
These people should not be allowed where information is not secured:
● Customers
● Competitors
● People interviewing for a job
● Salespeople who do not work for you
● Family members
● Visitors
As I list these people, I’m sure you can envision disastrous scenarios. I heard the story of a landlord whose adult son came into the building one night and used the tenant’s business computers to do online gambling. The investigator said many of the computers had been left logged on overnight, and some were even left logged in to their secure sessions.
These are the types of situations that must be considered when choosing the people who will have access to your worksite and secure items.
Ignorance on the part of your strategic partners is not an excuse if they end up causing a breach. In addition, anyone handling your data or with access to it should sign a written agreement that you prepare and enforce.
Ultimately, it is your responsibility to protect your data. Checking our potential partners and vendors is part of that process.
Rock LaManna helps printing owners and CEOs use their company financials to prioritize and choose the proper strategic path. He is President and CEO of the LaManna Alliance, and provides guidance on how to grow a printing business, merge with a synergistic partner, make a strategic acquisition, or create a succession plan. Rock can be reached by email at Rock@RockLaManna.com.
The first step is to conduct a background check on potential partners. Perform online research, check references, do a credit check if appropriate, and ask good questions to understand how knowledgeable a potential partner is about protecting data. For many situations, expect that the other party will submit a non-disclosure and/or non-circumvent agreement designed to protect that company. Have them sign your own NDA or modify the mutual agreement so that your specific information and interests are protected.
Here’s a list of partners who should have an impeccable track record for handling data.
● Mail service provider
● IT consultant
● CPA
● Equipment vendor
● Software provider
● Computer network installer
● Phone system installer
● Web storefront programmer
These companies should have an excellent company reputation, as they will have access to places where data is stored, even if it is secure:
● Landlords, leasing companies and their representatives
● Janitorial and building maintenance companies
● Waste disposal and recycling companies
These people should not be allowed where information is not secured:
● Customers
● Competitors
● People interviewing for a job
● Salespeople who do not work for you
● Family members
● Visitors
As I list these people, I’m sure you can envision disastrous scenarios. I heard the story of a landlord whose adult son came into the building one night and used the tenant’s business computers to do online gambling. The investigator said many of the computers had been left logged on overnight, and some were even left logged in to their secure sessions.
These are the types of situations that must be considered when choosing the people who will have access to your worksite and secure items.
Ignorance on the part of your strategic partners is not an excuse if they end up causing a breach. In addition, anyone handling your data or with access to it should sign a written agreement that you prepare and enforce.
Ultimately, it is your responsibility to protect your data. Checking our potential partners and vendors is part of that process.
Rock LaManna helps printing owners and CEOs use their company financials to prioritize and choose the proper strategic path. He is President and CEO of the LaManna Alliance, and provides guidance on how to grow a printing business, merge with a synergistic partner, make a strategic acquisition, or create a succession plan. Rock can be reached by email at Rock@RockLaManna.com.