Biggest Threat to Enterprise CyberSecurity - Third-Party Remote ...

Posted by Don Rudolph on Mar 14, 2018 8:25:00 AM

 third party security

In the era of Bring Your Own Device and distributed virtual teams, remote access to sensitive network resources is quickly emerging as the biggest internal cybersecurity threat.

As more of the workplace moves online and team members require flexible access to IT assets from around the world, remote access has become a major headache for system administrators.

Even with all this in mind, one area is still often overlooked: Third-party remote access.

Third-party remote access has been a perennial concern for enterprises – it’s always on the radar, but not usually a top priority. Many cybersecurity pros assume that as long as the connection is executed through a secure VPN, it introduces no more risks than a standard remote connection.

The big challenge: Hackers can breach your network by gaining access to your vendors. And that can happen any time, no matter how strong your relationship with a vendor is, how effective your IT policies are, or how ironclad your contract becomes.

Beyond VPN: Securing Third-Party Vendor Access

The vast majority of third-party vendor access is undertaken for legitimate purposes.

Even so, determined attackers can piggyback on vulnerabilities native to a vendor’s IT setup to gain access to even your most hardened resources. Requiring a VPN connection and scanning all inbound connections for security compliance are only the first steps in a complete defense.

For optimum cybersecurity, implement these fixes:

Consolidate Remote Access in a Single Solution

One of the biggest problems with remote access is the tendency of each organization to multiply the number of software tools used for connections. The end result is a patchwork of conflicting solutions with countless vulnerabilities, many unseen. Leverage your authority as system owner to require all external and internal actors to use a consolidated and company-owned solution.

Eliminate All Non-Compliant Remote Access

What should you do once you’ve chosen a remote access solution? Effectiveness depends on deflecting all non-compliant connections, no matter their source or technology. Blocking ports associated with risky connection types can eliminate entire classes of vulnerabilities with no impact on network performance. Common low-cost, Web-based tools should also be blocked.

Focus on Multi-Factor Authentication

Multi-factor authentication remains the most potent way of ensuring a connection is actually initiated by a credentialed party. Credentials are typically stolen by hackers who target generic login information vendors share across their userbase. Unique usernames and passwords can be combined with two-factor identification to render stolen vendor credentials virtually useless.

Use Granular Permissions Throughout the Network

Most vendors only need access to a small subset of defined network resources. No matter how broad or narrow their mandate is, they virtually never need around the clock access. An ideal remote access platform should include granular permissions for individual teams and vendors so you can provide the minimum permissions necessary – and revoke them completely at any time.

Ensure a Secure Audit Trail

Even these techniques won’t always stop a bad actor from trying to exploit your network. In cases like these, a clear and comprehensive audit trail is essential. Without a complete record of all vendor activity supported by automated alerts, a breach can take months to uncover. That’s especially true if the effects are subtle or if it was perpetrated by a current or former employee.

All this is not to say that third-party vendors have no business accessing your data.

Responsible vendors can empower enterprises of all sizes with skills and expertise that may be difficult or impossible to cultivate in-house. To truly add value, however, all vendors must be fully committed to IT security best practices.

NCA helps enterprises of all sizes enjoy the benefits of world-class cybersecurity.

With Virtual Chief Information Security Officer (vCISO) services from NCA, it is easier than ever for companies of all industries, size categories, and geographies to benefit from true security expertise.

Contact NCA for an intital vCISO consultation>>