Insights: Article

Confidential Data and Third-Party Vendors

By   Eric Pulse

August 16, 2016

Cloud computing is one of the latest and biggest technological revolutions to emerge. In general, cloud computing refers to a set of technologies and service models that focuses on IT applications and data storage that are accessed and used through the Internet. Many companies are embracing it—including third-party software vendors who may be handling confidential information for your business. This brings up a question: If your data is accessible through the Internet, how safe is it? How do you even know if your third-party vendor is using cloud-based storage?

Taking Stock of the Situation
There are many different storage solutions offered by cloud providers, and each provides a different level of security. The following are questions you should ask third-party vendors that assist you in network and core back-up solutions:

  • Are they using a cloud-based storage solution?
  • If so, what type of cloud is being used?
  • What type of information is being stored on the cloud?
  • Who has access to the information?
  • Are nondisclosure agreements in place for those third-party vendors that have access to the information?
  • Who is responsible if confidential information is compromised?
  • Is network traffic encrypted to/from the cloud and while stored and/or at rest?


Educate Yourself

It is important to do due diligence by reading third-party vendor contracts to see if they address cloud storage. It is also important to perform a risk assessment on each vendor prior to hiring them for service, and annually thereafter.

You can become more familiar with cloud computing through the FFIEC, which addressed outsourcing cloud computing in a statement in 2012. The statement can be found in the Reference Materials Infobase section available online at  http://ithandbook.ffiec.gov/. The FFIEC Outsourcing Technology booklet also addresses cloud computing.

Latest Insights

July 19, 2018
Article
While it’s great to watch your team grow, hiring new employees can be a frustrating and grueling process.
July 19, 2018
Article
Often, human resources (HR) is over looked, but we’re here to tell you it’s an essential component of any organization and critically important to get right.
July 13, 2018
Article
Here are some idea for giving your new hire a smooth start into your business and alleviating stress for you.
July 13, 2018
Article
The impact of the recent SCOTUS Wayfair decision will continue to have a ripple effect on businesses and state sales tax compliance.
July 9, 2018
Article
The revenue cycle is a complex system and we have historically given much attention to the front-end and back-end while oftentimes leaving the middle functions of the cycle neglected.
July 3, 2018
Article
FASB Accounting Standards Codification Topic 606, Revenue from Contracts with Customers, provides a 5-step framework for determining revenue recognition.
July 2, 2018
Article
As part of the Tax Reform Act of 1986, the “Kiddie tax,” a taxing regime designed to make the transfer of income items by wealthy parents to lower tax paying children less attractive, was implemented.
July 2, 2018
Article
When it comes to your employees, you likely conducted interviews on them when you first hired them.
July 2, 2018
Article
Nearly ten years after the release of the initial exposure draft, FASB issued ASU 2016-02, Leases - The standard may have been issued, but the conversation about this re-write of legacy guidance has not slowed.