We can take a lead from our US counterparts, where data security is a priority quickly rising on the boardroom agenda. There has been a longstanding situation in the UK where data security has been the lone struggle of IT departments, with senior management only stepping in when things go wrong.
This should also be the case for third party suppliers. Senior level management should be very aware of who is using their data, to what capacity their data is being used and what measurements have been put in place to protect their customers.
Supplier security verification is essential to data security, so limit the information you share with third parties to the bare essentials, and test your security measures regularly, using ethical hacking companies, as it is better you find any flaws and fix them before unwelcome guests do.
Gordon Weston, director of technology solutions, Indicia