22 Questions
Why is it important to have security measures in place for third-party access to your systems?
Because third parties can make errors, and you should plan for the worst-case scenario
What is a common reason for system integrators to have additional access to systems?
To perform their job functions
What is a possible way a third party may have access to your data?
Through both virtual and physical access
What should you plan for when it comes to third-party access to your systems?
The worst-case scenario
Why is it necessary to have security policies and procedures in place for third-party access?
To mitigate potential security risks
What type of security is important to consider when it comes to third-party access?
Both physical and technology security
Where should production services be located?
On a separate, isolated part of the network
What should be done after the code is completed?
Check the code for any vulnerabilities
Why is encryption important when storing data in a third-party location?
To protect the data against unauthorized access
What type of data may require special consideration when storing in a third-party location?
Customer information
How should data be transferred in and out of a third-party location?
Over an encrypted channel
What is a benefit of storing data in an encrypted form?
It protects the data against unauthorized access
What is a major concern with integrators being inside the network?
They can install malware on systems without going through security controls
What is an example of a security issue that was identified with a vendor?
A security vulnerability in a thermostat
What is the importance of partnering with vendors?
To ensure they are motivated to resolve security issues
What is a potential security issue in the supply chain?
All of the above
What is a rare but possible security issue?
Malware infection from a third-party software
What is an example of a security issue with hardware from a third party?
A counterfeit switch
Why is it important to have processes and procedures in place for the supply chain?
To monitor security concerns
What is a concern when having programming services done by a third party?
Building a secure environment for developers
What is a consideration when deciding where to store code?
Storing code on a centralized cloud-based server
Why is it important to ensure vendors are aware of security problems?
So they can resolve the issues quickly
Learn about the importance of security measures when working with third parties who have access to your systems, applications, or data. Understand how to plan for the worst-case scenario and ensure your security policies are robust. Test your knowledge on managing third-party risks and ensuring data security.
Make Your Own Quizzes and Flashcards
Convert your notes into interactive study material.
Get started for free