Why is it improtant to control third-party security policies?
According to SecureLink third-party data breach report, 74% of organisations dealt with leakage consequences due to excessive availability of data to third parties.
In half of cases too much access as well as poor monitoring of privileged access led to misuse of confidential data.
The risks calculation was improperly tackled, thus affecting the quality of third-party access assessment.
51% neglected evaluation of privacy practices and security policies exercised by third-party organisations.
54% granted full responsibility to third-parties after entrusting them with corporate information.
63% of companies literally confided their data to third-parties as to ones with good reputation instead of checking their conformity to the security policies anyway.
54% blamed having insufficient access management strategy and therefore they were unable to conduct inventory of the organisations they agreed to work with.
65% were incapable of knowing for sure which exactly third parties could access their sensitive documents.
63% had still not enough knowledge about who among internal and external users could access their networks which proves a serious lack of visibility.
52% appeared to ignorant of regulatory compliance regarding data breach reporting and had trouble communicating an incident to the corresponding authority.