1. Identify all sensitive data in a system. Start with the most obvious, but don’t assume anything is “safe.”2. Assess the strength of outsourcers’ physical and information security practices before signing a contract with them.3. Build not only the regulations compliance into outsourcing contracts but include specific processes for meeting requirements. SUBSCRIBE TO OUR NEWSLETTER From our editors straight to your inbox Get started by entering your email address below. Please enter a valid email address Subscribe 4. Include a change control mechanism in the contract so that as situations shift (for example, the outsourcer wants to add foreign nationals to a project), processes can be revised. 5. Create security profiles for all workers and lock down foreign nationals’ access to regulated information.6. Employ at least a two-factor method of identification for all users. 7. Use an outside company to assess your network security. Find out, for example, if workers can break into the rest of the network when you provide access to a live production server.8. Conduct periodic audits of the outsourcers’ compliance with the federal regulations. Related content feature Mastercard preps for the post-quantum cybersecurity threat A cryptographically relevant quantum computer will put everyday online transactions at risk. Mastercard is preparing for such an eventuality — today. By Poornima Apte Sep 22, 2023 6 mins CIO 100 CIO 100 CIO 100 feature 9 famous analytics and AI disasters Insights from data and machine learning algorithms can be invaluable, but mistakes can cost you reputation, revenue, or even lives. These high-profile analytics and AI blunders illustrate what can go wrong. By Thor Olavsrud Sep 22, 2023 13 mins Technology Industry Generative AI Machine Learning feature Top 15 data management platforms available today Data management platforms (DMPs) help organizations collect and manage data from a wide array of sources — and are becoming increasingly important for customer-centric sales and marketing campaigns. By Peter Wayner Sep 22, 2023 10 mins Marketing Software Data Management opinion Four questions for a casino InfoSec director By Beth Kormanik Sep 21, 2023 3 mins Media and Entertainment Industry Events Security Podcasts Videos Resources Events SUBSCRIBE TO OUR NEWSLETTER From our editors straight to your inbox Get started by entering your email address below. Please enter a valid email address Subscribe