Cybersecurity
April 26, 2023
Are your vendors safe?
Even with strong cybersecurity internal controls, vendors are increasingly becoming bigger risks for data breaches and ransomware. Whether your vendors (contractors, grantees, payees) send you electronic invoices or log into a Commonwealth or vendor application, your department’s data and systems could be at risk.
Action Steps:
- Validate in writing that any vendors logging into your applications, or vendor applications with your data, are meeting the minimum Enterprise Information Security Policies and Standards as required under contract.
- Pause Verify and Report:
- Pause and Verify that submissions are expected, legitimate, and virus-scanned before opening.
- Report any suspicious or fraudulent activity to your IT staff and [email protected]
See our CTR Cyber page for cybersecurity internal controls.