Tips for Vetting Third Parties for Data Care

Before jumping into a digital transformation initiative, do some serious planning. In looking at which areas and processes you hope to improve, recognize the criticality of your data sets as the company’s most important asset.

Alan Gutierrez-Arana, National Sensitive Data Cybersecurity Consulting Practice Leader, Mazars

April 27, 2023


What does digital transformation really mean for your company? If you check the latest news in technology, you will read and hear “Digital Transformation” in almost every IT news outlet. The term has become ubiquitous in almost every tech sales pitch. But what does it really mean to you and your company? Is digital transformation equal for all industries?

Digital transformation encompasses the adoption of technologies to modernize and automate processes with the intent of gaining operational efficiencies and taking your company to higher degrees of growth. Sounds simple, right? Well, keep in mind that behind any business process you would like to improve, there are layers of people, technology, processes, and sub-processes that add different degrees of complexity. It is a must to understand their criticality for your business’s day-to-day operations.

The layers mentioned above (people, processes, technology) present different inherent characteristics that influence the success of your digital transformation journey. Many times, we tend to believe that the focus of digital transformation resides in the technology layer. However, without people’s acceptance of change and transformation, your transformation project will struggle.

Understanding the culture of your company’s leadership and staff is critical during strategic planning to define an adequate roadmap for your digital transformation. Without people's acceptance and understanding of the upcoming changes, the chances of your project failing are significantly high.

Data Sets: Most Important Asset

In looking at which areas and processes you hope to improve, recognize the criticality of your data sets as the company’s most important asset.

These are keystone questions you need to ask yourself before embarking on your digital transformation journey: What types of data do we process, store, or transmit during the execution of our regular business and operations processes? What is the value that such data has to our business? Understand the value of customers’ and third-party partners’ data; without a good mapping of your data and the criticality of the different datasets, digital transformation projects are more likely to run into scope creep or endless loops of changes and modifications. At the same time, without understanding the different types and values of the data in your organization, the risk of introducing new security gaps when implementing new technologies in your environment can grow exponentially.

Always consider, as a minimum, conducting activities around:

  • Data classification and data location importance

  • A data-centric approach to evaluating business processes and the technologies supporting them

  • Identifying and evaluating risk through the appropriate risk mitigation strategies

Contracting diligence in the third-party selection process is imperative once your company has decided to embark on a digital transformation path. As of today, there are multiple options available in the market, from companies offering tailored solutions for specific industries to different sizes of companies. While most of these solution providers promise to make your journey through digital transformation as smooth as possible, there are several questions I suggest asking prior to inking a contract:

  1. Does your selected vendor have a proven record of successful implementation of digital transformation projects with companies in your industry and of your size?

  2. Is the vendor compliant with the different data protection standards and regulations? This is essential if you will be sharing your company’s data or if the vendor, through the different stages of the project, could eventually have access to your customers’ data.

  3. Is your vendor willing to contractually agree to enforce and abide by your established information security and data protection policies and procedures?

  4. Are the roles and responsibilities of each party, especially around data security and protection, clearly defined and documented in the contracting process?

Taking some of these initial diligence steps could not only help reduce uncertainty around the quality of your vendor but also serve as a good baseline for risk management and for identifying potential areas where you could be facing a higher degree of risk.

Another aspect to consider is avoiding excessive focus on savings. Cost reduction is just part of the outsourcing benefits equation; it cannot be seen as the major driver for outsourcing processes or selecting the right partner. I believe at this point we are all aware that cheaper will not mean better in most cases, and technology projects are no exception. Going for the cheapest provider will almost certainly imply further expenditure in the future, and you would be lucky if those costs are not associated with data security or, in the worst-case scenario, with customer data breaches and loss.

About the Author(s)

Alan Gutierrez-Arana

National Sensitive Data Cybersecurity Consulting Practice Leader, Mazars

Alan Gutierrez-Arana is principal and sensitive data cybersecurity compliance leader for Mazars. Alan has over 25 years of experience providing IT security and controls assessments and regulatory compliance consulting services for a broad range of insurance, banking, finance, and high technology companies.
