Nearly half of U.S. companies have experienced an increase in cyberattacks over the past year, but it might come as a surprise that nearly 60% have experienced a data breach caused by a third party—typically, a vendor, reseller, supplier, software provider, subcontractor, consultant, or integrator. Cyberattacks always spell trouble, but a breach involving a third party can cause even more far-reaching problems by rippling through the company, its customers, and even its customers' customers.
Partners and others that function as a third party must:
- Make sure their own cybersecurity practices are mature, tested and demonstrable
- Demand the same from the vendors they partner with
A good way to start is to take a fresh look at existing data privacy and security policies and develop a data privacy program that not only complies with applicable standards, laws, and regulations, but also minimizes data leakage risks associated with potential breaches or attempted mis-use of data. It's also worth reviewing existing security and privacy tools to ensure that they can both protect against today's incidents and breaches, and that they can be expanded as new data threats emerge with new application domains such as AI/ML.
"Our deep culture of respect, integrity, and teamwork extends beyond our corporate walls to the way we empower our customers to protect their data and their privacy. NetApp earns our customers' trust through transparent commitments to the fundamental principles of privacy and security." – George Kurian, CEO, NetApp
NetApp's customers trust the company to protect their data. NetApp provides that protection through strict regulatory compliance and comprehensive policies, procedures, and standards. It maintains its strong stance with a combination of self-assessment, independent audits, and an ongoing commitment to comply with data security and privacy requirements that are continually evolving. To keep the chain of security strong, resellers and other channel partners must also ensure that the suppliers they work with have robust cybersecurity policies and practices.
NetApp's Data Security and Privacy Approach Expanded Through Partnerships
NetApp's partnership with Protopia AI presents a perfect working model of how NetApp is expanding its data security and privacy standards with Protopia AI's Stained Glass Transform™ solution in the AI/ML domain. Working with all types of data, the lightweight application can be configured to transform the data's representation to match the intent of the consuming AI model, or enable data scientists to train new models without needing access to identifiable data. Sensitive aspects of the data – which could include sensitive personal identifiable information, or confidential information about a company, its personnel, and its business activities – are maximally protected in the event of a data breach. This is a major step forward in enabling advanced AI/ML capabilities while minimizing the risk of catastrophic breaches at the data layer.
NetApp's focus on security, privacy, compliance, and transparency is described in detail in its online Trust Center, which explains how NetApp secures customer information and protects individual privacy. That trust also extends to NetApp's supply chain, which screens suppliers to ensure they comply with all requirements and that they conduct business ethically.
The Trust Center sections include:
- Security. NetApp's secure development lifecycle and how it handles vulnerability, patch management, ransomware encryption, data deletion and disposal
- Privacy. NetApp's privacy principles, which guide how its products and services are designed and configured to manage and protect personal data
- Compliance. How NetApp handles compliance, including a list of global laws and standards to which it adheres
- Transparency. How NetApp shares information about its values, policies and core principles
With this information readily available, partners and customers know exactly what they can expect from NetApp, and they can confidently move forward with incorporating NetApp® products and services into their solutions.
Learn more about NetApp's data security practices in its 2022 ESG Report.