Vendors which have access to company data continue to be a high risk when it comes to data security.
Check out this article I wrote that was published in Information Week Dark Reading to get tips on how to manage security risks with third parties: 3 Golden Rules For Managing Third-Party Security Risk