My company is shifting their data security emphasis to monitor 3rd parties. For example: we're constantly sending data to a firm that processes our financial data and performs basic accounting/reporting. How do we ensure these 3rd parties aren't mishandling our data? How do we know if Joe Shmoe isn't copying our files, losing/replicating our tapes, or distributing our sensitive information? I'm looking for technologies, software, questionnaires, or some methodology that provides a meaningful assessment or metric that indicates how secure our data is once it leaves our network. Is anyone aware of a product or company that provides this type of service? We're fairly confident that our firewalls, vpns, tunnels, and protocols are securing the data to/from our network...but once it heads to Accounting Wizards, Inc, we lose control. Suggestions would be greatly appreciated!