Securing Third-Party Access, A Weak Link in Enterprise IT
April 8, 2015 | Security and Risk | John Worrall
Many external users require access to your network in the course of normal operations. It’s an inevitable part of doing business today. This access facilitates business productivity, allowing external and internal users to collaborate efficiently on projects, address maintenance issues quickly, and provide seamless services to your environment.
Yet recent high-profile attacks reveal that malicious hackers are increasingly targeting third-party vendors and supply chain partners as they often have less sophisticated security policies and controls than the actual target companies, and provide an open backdoor for attackers. Recent research shows that 63 percent of data breaches are caused by security vulnerabilities introduced by third parties. And it’s not hard to see why – today’s leading institutions have between 200 and 300 high-risk, third-party relationships at a time.
Attackers target these less secure partners to compromise remote access points, steal and exploit privileged credentials, and gain access to targeted networks. From here, attackers can elevate privileges, move laterally through the network, and execute their attack goals while completely circumventing the targeted company’s defenses.
Understanding common remote vendor access types and associated vulnerabilities is the first step in mitigating this risk. To that end, we’ve published a new security brief to provide organizations with guidance on how to address remote vendor access as a privileged access point that requires tight security controls. Topics covered include: approaches for managing and securing third-party credentials, how to isolate and monitor external sessions, and the importance of threat detection capabilities in security solutions for third-party access.
You can download this free security brief here: cyberarkvx.staging.wpengine.com/remote-vendor.
With the proper privileged account security controls in place, organizations can provide the network access required for business efficiency while maintaining consistent security across all types of accounts – internal and external.