Ever since the Target and Home Depot breaches were traced to intrusions at their vendors, the management of cybersecurity at third-party vendors has been a focus of companies and regulators. The FTC has flagged the issue, as has the SEC. The DoD has imposed strict cybersecurity requirements for contractors that “flow down” to sub-contractors.

But despite an increasing focus on the full lifecycle of third-party risk management, vendor incidents continue to represent a high percentage of reported data breaches. According to a March 2016 Ponemon Institute report, 49 percent of survey respondents indicated that their organization experienced a data breach caused by a vendor.

It is commonplace to turn on the television news and hear of a new data breach from a large retailer or someone else. No one wants the legal problems (not to mention the embarrassment and the hit to reputation) from having their systems breached. Consequently, data security is on everyone’s mind.

However, many companies have

Your business may license many different types of software and technology in the ordinary course. These licenses range from software installed on your internal network to use-rights in software-as-a-service (SaaS) models, where the programs reside on the vendor’s host systems and are accessed via the Internet (or in some other manner).

In each case, you are granted use-rights that define how the licensed materials can be used (for example, there may be a limit on the type of business for which the materials can be used), where they can be used (i.e., a territory or facility restriction), and who can use them.

Ensuring that the technology can be used by the appropriate people is one of the most overlooked items in a technology license.

Many organizations in different markets and industries are outsourcing parts (or all) of their IT functions (including support, development, help desk, data storage and others). Why are they outsourcing? What are the potential benefits of outsourcing?

  1. Helps the company’s bottom line – saves money. Many companies find substantial savings in outsourcing. The savings may come from better efficiencies through economies of scale, lower labor costs and other factors.
  2. Improved security. Strong security (for example, around the protection of consumer or health data) is the lifeblood of an outsourcing vendor’s business – and often, this level of security is higher than a customer could realistically achieve when keeping the functions in-house.

On 23 June, the UK government introduced a new online cyber security training course designed to assist the procurement profession to stay safe online.

After a recent government survey found that half of the worst breaches were caused by human error, the government aims to increase awareness and help organisations reduce risk. The course, freely available online, has been designed to help persons in the procurement industry protect themselves, their businesses and their suppliers from cyber attack.

In December 2012, the Spanish Data Protection Authority (SPDA) published a new set of Model Clauses prepared purely for use by service providers that subcontract to companies located in countries outside the EEA.

These new Model Clauses (based on the 2010 controller-to-processor clauses) will allow for an international transfer of personal data between a data