This article can also be found in the Premium Editorial Download "Information Security magazine: Nine tips to guarding your intellectual property."
Download it now to read this article plus other related content.
The contractor you Hire can become the source of a security breach unless you take precautions.
Contractors and consultants are commonplace and often embedded in many organizations. The use of third parties to augment capabilities adds tremendous flexibility to an organization. Contractors are vital resources that can help companies meet short-term demands and infuse skills and energy to help tackle even the most complex problems. At the same time, they pose tremendous risks to the organization.
To do the job they've been hired for, contractors need connectivity to an organization's internal network services and data. Oftentimes they have access to very sensitive corporate data, including trade secrets, strategic plans and other intellectual property. And an organization--in a rush to hire a third party for help on a project or simply shorthanded--might not have time for due diligence or the resources to provide adequate supervision. All that adds up to increased risk for either accidental loss or malicious theft of data.
But organizations don't have to shy away from hiring outside experts who can help and advance their business. There are many steps organizations can take to offset the risks, including oversight, access controls, implementing and enforcing sound policies, and technical solutions. Taking these precautions can help ensure contractors don't become a liability to your business.
This was first published in May 2007