October is Cybersecurity Awareness Month! As Manager of XYPRO Customer Support, I’ve put together these six tips for businesses working with an external software vendor. Be conscious of protecting your corporate data and network and work with your vendors to ensure your confidential data and network are protected against external threats.
- Never use personal email to report an issue. Using a personal email address to report a technical problem can put your organization at risk and cause data privacy concerns. If your personal email has ever been compromised and a malicious user has access to your email, they will be able to read all the communications between you and your vendor. Also, be aware of the vendor support staff sending emails from their personal email accounts. A legitimate vendor should never use their personal email accounts to handle customer data.
- Submit troubleshooting data in a password protected file. When submitting data and logs to your vendor for troubleshooting, be sure to use a compressed file that is password protected. As your vendor, XYPRO supplies an Enterprise Support Tool that collects information and packages it into a single, password protected file for you to send to us. Remember, send passwords in a separate email or via another secure channel of communication.
- Don’t copy and paste vital information into the email body.In my 14 years managing customer support, I’ve received support emails that contained all sorts of confidential corporate information and PII (personal identifying information). When reporting an issue, treat all information as confidential. To protect our clients, XYPROregistered customers upload files directly to the XYPRO website via an encrypted channel.
- Use a vendor’s support portal as your primary access to their support channels. Eliminate the security risks of email communication mentioned in the previous tip. A support portal is a direct, secure link between you and your vendor. The portal will also often contain information about security updates. XYPRO registered customers can log onto our website and visit the security notifications page.
- Password protect conference calls between you and your vendor.Some conference platforms also allow you to lock a call once all invited attendees have arrived. This prevents eavesdropping and hijacked meetings. An avoidable security risk that can cause embarrassment for you and your colleagues or the loss of a client.
- Install the latest software updates.When using Security software to manage and protect your enterprise, be sure to install the latest version of software and patches. XYPRO releases quarterly release bundles that contain security updates, software improvements and new features. Take advantage of these scheduled releases to ensure your environment is safe and secure.
Robert Massa, CISSP certified Manager of Customer Support with 30+ years of experience on the NonStop platform, joined XYPRO in 2006 as a QA analyst. Since taking over as manager of customer support in 2008, Robert has grown the support organization into an elite global support team, focusing on the total customer experience. Robert’s background as a Security Administrator and Support Analyst for mission critical applications brings real-world experience to the customer support organization.