Security Performance Management
Continuous Monitoring
Cyber Insurance
National Cybersecurity

Articles in this section

See more

Fourth Parties

Avatar
Ingrid
Follow
  • November 15, 2022: Added “Cloud Service Provider” to glossary; Enhanced Rating now available.
  • March 13, 2020: Published.
Cloud Service Provider (CSP)
A provider of Cloud services.
External Service Provider
Cloud providers and other companies that own an IP-space where an organization’s assets are hosted.
Examples: Infrastructure-as-a-Service (IaaS) providers, internet service providers (ISP), and data centers.
Fourth Party
A service provider that third parties depend on.
Internet Service Provider (ISP)
An organization that provides services for accessing, using, or participating in the Internet.
Service Provider
A company that handles or delivers services for other companies, such as web hosting, certificate signing, cloud infrastructure services, or email hosting. Nearly all organizations depend on these various types of service providers to successfully run their businesses.
Service Provider Product
Service offerings, such as web hosting, certificate signing, cloud infrastructure services, email hosting, etc.

Enhanced Rating

To provide a better representation of certain Cloud Service Provider’s security posture, select providers have an Enhanced Rating.

Enhanced Ratings are identified with the Cloud icon in their company Overview. Refer to the Cloud Service Provider Risk Vectors panel to view the findings.

Service Provider Label

Though a service provider is a company that provides any type of service (including on-premise solutions), a service provider that owns and operates an infrastructure that’s controlled or are used by its customers is designated and labeled as a “Service Provider” in the Bitsight platform.

This distinction is provided since some findings on their networks may be due to customer activity. The security rating of such companies are usually very low. In actuality, the security posture of the service provider’s own internal operations and the services they offer is generally better than the aggregated security posture of the individuals or companies that are renting the infrastructure.

Learn more about Shared Responsibility with Cloud Service Providers.

Risks

  • Fourth party breaches and downtime may lead to direct revenue loss, including loss of customer confidence.
  • Disruption of certain services may enable attackers to use company assets to deliver malware to employees and customers, or download company intellectual property, or compromise customer data.

Learn more about managing your service providers or best practices depending their business model.

Related articles