Summer Regulatory Summit eBook

• Clearly define roles, responsibilities, and expectations in contracts • Conduct periodic security audits of the third-party’s practices • Limit administrative access to authorized personnel only • Ensure the third-party maintains comprehensive logs • Collaborate on an incident response plan • Encrypt data transmitted between your organization and the third-party

Controls for Third-Party Firewall Management