On October 4, 2010, it was brought to the attention of the managing director of Omniquad that a helpdesk call system had posted sensitive information about their customers to the internet. Omniquad, an anti-spyware company, was quick to place blame on the third-party vendor of the exploited software. A spokesperson from Privacy International expressed the feelings of disappointment that many share, "Security and privacy should be at the core of everything they [Omniquad] do and that includes carrying out security audits of all third-party software and services they offer."
This breach brings to light the fact that relying on the security measures of partners or third-party vendors is not enough. Carefully assessing risks to your organization does not stop at the front door.
No comments:
Post a Comment