Security risk factors: Business partner security and pandemic planning
Date: Dec 28, 2009In this exclusive interview, Sara Santarelli gives tips on how to deal with the risks posed by business partners and possible pandemics, and how to assess your enterprise's exposure to these risks. Read the full text transcript below:
How important is it to do a risk assessment to evaluate business
partner security?
Sara Santarelli: I think if we look back in time as we seen security mature through our
business and then at the same time we have seen the environment new technology. We've seen that new
technology blend with the business and it's become much more important for us to extend that
enterprise and leverage our partners. But at the same time we talked about the importance of
compliance and making sure that our networks are secure at all times. We've got to ensure that
those partners, those connections with our partners are also secure. It's interesting, if you take
a look at the Verizon Business data breach investigations report, they point out that external
impact connections are one of the biggest issues. Second actually on the list, ahead of insiders,
are partner connections. So what's interesting about that report is that it does take a look at
actual breaches, and what those entry methods were, and so I'm a big believer on do your homework;
take a look at what else is out in the industry whether it is the Verizon report or some other
treat report, but there are clear indicators that partner connections are something we should all
be paying attention to.
What about the risk of pandemics? Is pandemic planning important for business partner
security?
Absolutely, that's a great question. You can't turn on the news without hearing about high school
closings and business that are beginning to have troubles with all of the impacts, whether it is
H1N1 or the normal flu coming around. You know what's great about Verizon, and I have kind of sort
of have a little advantage here, you know I'll put that right up front, we are a very large network
company, that's what we do for a living, we manage the world's largest networks so we have
redundancy built into our networks and we've got very strong business continuity plans. So for us
it hasn't been a lot of heavy lifting, I think is more of a reminder of these are the good
processes we use day in and day out and then really working with our customers to make sure that
there plans are positioned correctly and appropriately in ways that we can perhaps help them, and
you know security has a big play there. Obviously if you look across multiple companies, a lot of
their responses to situations like this is to extend their enterprise out into the home, and so if
I've got ten workers that need to now work from home, there going to have to be able to VPN into
the network and then Verizon working with them to make sure they have appropriate capacity, their
plans are in place, and we are more than happy to step up and help our customers in that
regard.
About hte speaker:
Sara Santarelli is the Chief Network Security Officer for Verizon.
