Protecting consumer data and vital architectures in the utility and telecom industries is increasingly important.
We’ve heard a lot lately about cyber terrorism. From ransomware attacks taking down the City of Atlanta to attempts to hack utility infrastructures in Connecticut, it’s clear that hackers are going beyond their search for client data to probe the very infrastructures that run our country.
That makes our efforts to develop security protocols for the utility and telecom industry and other critical infrastructures imperative. When you consider that not only are our utility companies tasked with providing services that power our nation, these firms also have anywhere between 500,000 and 15 million customers. A breach could have catastrophic results. This is exactly why utility companies should be asking tough questions with all of their vendors to make sure their customer’s data is protected.
Protecting the Grid from Cyber Terrorism
We are under attack. We’ve been lucky so far, but the Department of Homeland Security is encouraging energy, manufacturing and aviation firms to focus strongly on developing new security protocols to not only protect critical infrastructures but the consumer data they’re responsible for.
Huffington Post suggests that these companies step up their efforts to protect internal structures and data with the following measures:
- Improve and stay current on the latest in data encryption.
- Set security protocols that limit client data to “eyes-only.”
- Limit the amount of data collected from each customer.
- Cull outdated information after it’s been used.
But just as important is the relationship these infrastructure companies have with third-party vendors that also have access to internal services and the data they hold. The Harvard Business Review points out that once the systems are accessed and data is shared, the “ability to control access deteriorates rapidly.”
How should infrastructure companies like utilities or telecom control these vendor partnerships? For example, most of these companies outsource consumer collections to third-party vendors. How can these vendors work to improve data security as information passes between their clients in the utility sector and the debt recovery firm?
Third-party vendor relationships must improve data security not increase risk.
How Does TSI Measure Up?
TSI is the perfect example of how the days of “Mom and Pop” collections are over. The risks are too great to trust your data to a small vendor that has failed to ramp up digital security to combat the latest threats. TSI processes more than one million payments from consumers and funnels them to our clients via a network secured with the latest digital architectures designed to protect our utility and telecom clients. We received over 13 million accounts from clients in 2017 and fully understand the importance of protecting every single record.
Today’s threats require an unprecedented level of protection by vendor-partners entrusted to keeping infrastructures intact. Cyber structures must meet the highest levels of best practices by investing substantially in the latest hardware and software to provide secure end-to-end protection. Third-party vendors in this climate should subscribe to the highest in digital security standards including:
- FISMA and NIST data security controls required for doing business with the federal government.
- ISMS Information Security Management System best practices for PII and PHI in healthcare.
- Data encryption in transit and at rest as well as tier-IV collocation that provides disaster recovery with 100% uptime and multiple redundancies.
Learn more about TSI-level protection, including our U.S. government ATO, ISO 27001, SOC 1 Type 2, PCI DSS 3.2, NIST, FISMA certifications, and a SUPERNAP data center that all ensure the highest levels of data security and business continuity for our utility and telecom clients. We hold ourselves to the highest standards for data security, and you should expect nothing less from all of your third-party vendors.