With so much big data being stored electronically these days, it’s created a host of security concerns for retailers who use third party vendors. Without the proper parameters and security measures in place, the possibility of unwanted individuals accessing sensitive information is all too real. When this happens, it creates a huge amount of problems and headaches and sometimes leads to class action lawsuits.
According to Jonathon Dambrot, CEO of Prevalent Networks, some of the primary threats are “an inconsistent process and framework, suppliers bypassing IT security and lack of enforcement or ownership.” Research from the Ponemon Institute who conducts independent research on privacy, data protection and information security policy found that “third party errors and lost or stolen devices increases the per capita costs of a data breach.”
This suggests that there can easily be issues when retailers and vendors lack consistency and aren’t on the same page. Third party vendors who lack proper security protocol or skimp on IT security put retailers and their customers at risk. Hackers and cyber criminals are smarter and more sophisticated than ever, so underestimating the potential for a security breach can be a recipe for disaster. This can be especially problematic when information is stored in a Cloud environment.
Constant monitoring and a proactive rather than reactive mentality are key to keeping data safe and out of the wrong hands. Also, when there is uncertainty about who should have access to information and who shouldn’t, this can create big problems.
Interesting Recent Cases
When it comes to well-known companies who have had to deal with the backlash associated with third party vendor security breaches, two come to mind. One is the federal class action lawsuit stemming from a Home Depot data breach from early September 2014. It was discovered that 56 million debit and credit cards were vulnerable during a five-month period. Home Depot expected to pay out roughly $27 million.
The other case involved Target, where around 110 million customers believed that their personal and financial information was compromised. This was a massive data breach, and the cost of replacing the stolen cards alone was $400 million. These two cases go to show how big a blow it can be when data security isn’t taken seriously.
The Moral of the Story
The bottom line is, there are few ways you can guarantee perfect vendor security. However, vendor security protocol must be a major point of awareness and interview carefully. As a retailer, this is a risk you must take for the benefit (and sometimes detriment) of your company. While you can’t force good security protocol on your vendors, your class action lawsuit big data must also be managed securely, to ensure that the right evidence is disclosed during the lawsuit. Be prepared, my friends.