In an article published in Compliance Week
on September 27, India Vincent is quoted discussing the recent DoorDash data incident involving a third-party vendor.
“Vendor management can be daunting for anyone, but particularly challenging for businesses that lack resources for this task (and everyone has limited resources),” noted Vincent.
Cyber-criminals look for the weakest link in the system in order to gain access to data, and third-party vendors are becoming a target. DoorDash is not naming the third-party vendor at this time, but this incident is a reminder that companies must monitor their third-party vendors and impose data security guidelines.
“Do not give vendors more data than they need to do their job and limit any direct access the vendor has to the business systems,” Vincent cautioned. Once the vendor has the data, “confirm the vendor has and follows proper procedures to protect the data as well as to respond to any data incidents.”
For the full article, you may click here