Products
Applications
Support
Company
How To Buy
Skip to main content (Press Enter).
Sign in
Skip auxiliary navigation (Press Enter).
Register
Skip main navigation (Press Enter).
Toggle navigation
Search Options
Home
My Communities
Communities
All Communities
Enterprise Software
Mainframe Software
Symantec Enterprise
Blogs
All Blogs
Enterprise Software
Mainframe Software
Symantec Enterprise
Events
All Events
Enterprise Software
Mainframe Software
Symantec Enterprise
VMware
Water Cooler
Groups
Enterprise Software
Mainframe Software
Symantec Enterprise
Members
Client Management Suite
View Only
Community Home
Threads
Library
Events
Members
Back to Library
Outsourcing – What Financial Institutions Must Know
0
Recommend
Apr 13, 2009 10:04 PM
Migration User
As resources in the financial services industry continue to become even more strapped, institutions are turning to outsourcing as a way to reduce costs.
Sure, outsourcing sounds like a good plan, but how do you know you can trust your outsourcing partner? Often times, when entering into a third-party service contract, security is an afterthought. To ensure your institution is not the next to make headlines due to a data breach, I have included below a list of best practices to help you get ready to enter that third-party vendor agreement:
Get your own house in order – review and revamp your own security strategy before locking down the vendor chain.
Classify your data and apply the right controls – all data in an institution must be profiled and classified. Institutions will need to know and understand their data, as well as set classifications for more sensitive information, such as credit card numbers or passwords.
Know your vendors and make sure you are a good match – institutions must do a risk assessment of each vendor and understand their operations and share the institution’s commitment to security and compliance.
Get control of compliance – vendors have to agree to an institution’s governance strategy. Automated compliance monitoring technology and reporting capabilities are essential for complying with the many industry regulations. Institutions will also need to have a full view of the security landscape across the vendor chain as multiple vendors interact with one another regarding the institution at hand. Security requirements must be nailed down before a vendor contract is signed.
Set the right security example – it is imperative for institutions to commit completely to their security and compliance initiatives - vendors will follow your lead.
When financial institutions consider outsourcing, security must be built into the plan from the beginning. Customers are an institution’s most valuable asset – measures need to be taken to guarantee their information is safe. Compromised information due to lack of third-party security controls is simply not an option.
For more best practices on managing your vendor ecosystem, download this BankInfoSecurity whitepaper:
Vendor Exposure in the Financial Sector: Ten Best Practices for Mitigating Risk
Statistics
0 Favorited
0 Views
0 Files
0 Shares
0 Downloads
Tags and Keywords
Comments
Migration User
Mar 06, 2012 02:31 PM
I guess Symantec didn't take your advice when it came to source code for PCAnywhere in India.
Related Entries and Links
No Related Resource entered.
Copyright 2019. All rights reserved.
Powered by Higher Logic