What is more beautiful than a partnership with someone you trust? A marriage. A friendship. A merger. A supplier. With this entity you have understanding and a common goal, with all hands in to help reach success. But does this trust extend beyond the party or vendor you’ve built this relationship with based on a common goal? Only if you are lucky.
Most enterprises are beginning to see cyber-crime as an ever-present danger, and many are making moves to mitigate risk – but not all. It’s time to ask, who are my partners third-party vendors and what risk do they pose to my business?
In a 2012 survey of U.S. manufacturers
, the Ponemon
Institute discovered that 75% of corporations had suffered harm from the lax cyber security measures in place by their third party vendors. The breach suffered by US-based superstore Target in 2013 was made possible by breaching Fazio Mechanical, one of Target’s refrigeration contractors, though no one knows how many of Target’s third-party vendors were probed for the open door. The success of this breach and countless others have inspired cyber criminals to get more creative.
"The type of risk we're seeing now is changing in response to our evolving data-driven economy," Rena Mears, managing director of BuckleySandler. "The risk to strategic data assets extends beyond any single third-party, but rather to the web of relationships that comprise the data ecosystem."
The same Ponemon Institute study determined that troublingly, 37% of respondents do not believe their primary third-party vendor would notify them if they experienced an attack or data breach. 73% had no faith in an Nth party vendor to notify them. The numbers speak for themselves and the successful breaches using this method speak louder.
How do we mitigate this risk?
Susanna Tisa, Chief Business Officer of Treliant Risk Advisors advises corporations to, "…compile a comprehensive inventory of and conduct data and privacy risk assessments for all third-party vendors. However, we found few companies represented in this research, in particular those outside the regulated banking sector, have done so."
Incorporating a secure VPN connection is one way to mitigate this risk without reliance on outside partners and vendors to do their part. The SSL VPN feature integrated in Sangfor NGAF
Solution provides support for remote user access to an enterprise network from any Internet enabled location. Remote access is provided through a Secure Socket Layer (SSL) enabled by an SSL VPN gateway which allows remote users to establish a secure Virtual Private Network (VPN) tunnel using a web browser. A simple set of platforms allows the organization in authentication and access permissions of mobile users, and provides an intelligent operating experience to achieve secure and quick access to business systems for all users and clients, at any time.
In addition, deployment of a comprehensive AI Enabled Cloud Platform for threat intelligence & analytics like Sangfor’s Neural-X
takes your security to the next-level. Neural-X is at the centre of a sophisticated web of Sangfor developed network security elements which power and expand security detection capabilities, including network traffic analysis (NTA), which offers broader visibility, encrypted traffic analysis, entity tracking and easier detection and response.
Sangfor Technologies, a APAC-based, global leading vendor of IT infrastructure solutions specializing in Network Security and Cloud Computing, has taken the concept of partnership and symbiotic relationships and applied it to your security, in a world where these same relationships can spell out potential disaster. Visit us at www.sangfor.com
to learn more about Sangfor’s network security options, and let Sangfor make your IT simpler, more secure and more valuable.