Biggest Threat to Enterprise Cybersecurity - Third-Party Remote
Business - Mar 14, 2018
As more of the workplace moves online and team members require flexible access to IT
assets from around the world, remote access has become a major headache for system
Even with all this in mind, one area is still often overlooked: Third-party remote
Third-party remote access has been a perennial concern for enterprises – it’s always
on the radar, but not usually a top priority. Many cybersecurity pros assume that as
long as the connection is executed through a secure VPN, it introduces no more risks
than a standard remote connection.
The big challenge: Hackers can breach your network by gaining access to your vendors.
And that can happen any time, no matter how strong your relationship with a vendor
is, how effective your IT policies are, or how ironclad your contract is.
Beyond VPN: Securing Third-Party Vendor Access
The vast majority of third-party vendor access is undertaken for legitimate purposes.
Even so, determined attackers can piggyback on vulnerabilities native to a vendor’s
IT setup to gain access to even your most hardened resources. Requiring a VPN
connection and scanning all inbound connections for security compliance are only the
first steps in a complete defence.
For optimum cybersecurity, implement these fixes:
Consolidate Remote Access in a Single Solution
One of the biggest problems with remote access is the tendency of each organization
to multiply the number of software tools used for connections. The end result is a
patchwork of conflicting solutions with countless vulnerabilities, many unseen.
Leverage your authority as system owner to require all external and internal actors
to use a consolidated and company-owned solution.
Eliminate All Non-Compliant Remote Access
What should you do once you’ve chosen a remote access solution? Effectiveness depends
on deflecting all non-compliant connections, no matter their source or technology.
Blocking ports associated with risky connection types can eliminate entire classes
of vulnerabilities with no impact on network performance. Common low-cost, Web-based
tools should also be blocked.
Focus on Multi-Factor Authentication
Multi-factor authentication remains the most potent way of ensuring a connection is
actually initiated by a credentialed party. Credentials are typically stolen by
hackers who target the generic login information that vendors share across their
user base. Unique usernames and passwords can be combined with two-factor
authentication to render stolen vendor credentials virtually useless.
Use Granular Permissions Throughout the Network
Most vendors only need access to a small subset of defined network resources. No
matter how broad or narrow their mandate is, they virtually never need
around-the-clock access. An ideal remote access platform should include granular
permissions for individual teams and vendors so you can provide the minimum
permissions necessary – and revoke them completely at any time.
Ensure a Secure Audit Trail
Even these techniques won’t always stop a bad actor from trying to exploit your
network. In cases like these, a clear and comprehensive audit trail is essential.
Without a complete record of all vendor activity supported by automated alerts, a
breach can take months to uncover. That’s especially true if the effects are subtle
or if it was perpetrated by a current or former employee.
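An added example, not part of the original article or of any ISSQUARED product: a minimal check that replays a vendor audit trail against per-vendor grants and raises an alert for each violation of the controls above (unique accounts, minimum resources, limited hours, MFA, revocation). The account names, resources, grant format and log layout are all constructed for illustration.

```python
from datetime import datetime, time

# Constructed grants: one named account per vendor user (no shared logins).
GRANTS = {
    "acme-hvac.jsmith": {
        "resources": {"bms-01"},                      # minimum resources needed
        "window": (time(8, 0), time(18, 0)),          # daily access window, UTC
        "revoked_at": datetime(2018, 3, 10, 0, 0),    # access revoked from here on
    },
    "paycorp.mlee": {
        "resources": {"hr-db", "hr-app"},
        "window": (time(6, 0), time(20, 0)),
        "revoked_at": None,
    },
}

# Constructed audit records: timestamp,account,resource,mfa
SAMPLE_LOG = """\
2018-03-05T09:15:00,acme-hvac.jsmith,bms-01,yes
2018-03-05T23:40:00,acme-hvac.jsmith,bms-01,yes
2018-03-06T10:02:00,acme-hvac.jsmith,pos-db,yes
2018-03-07T11:30:00,paycorp.mlee,hr-db,no
2018-03-08T12:00:00,vendor-shared,hr-app,yes
2018-03-12T09:00:00,acme-hvac.jsmith,bms-01,yes
"""

def audit_sessions(log_text, grants):
    """Return (line_number, account, reason) for every policy violation."""
    alerts = []
    for n, line in enumerate(log_text.strip().splitlines(), start=1):
        ts_raw, account, resource, mfa = line.split(",")
        ts = datetime.fromisoformat(ts_raw)
        grant = grants.get(account)
        if grant is None:
            alerts.append((n, account, "no grant (unknown or shared login)"))
            continue
        if grant["revoked_at"] and ts >= grant["revoked_at"]:
            alerts.append((n, account, "access after revocation"))
            continue
        if resource not in grant["resources"]:
            alerts.append((n, account, "resource outside grant"))
        start, end = grant["window"]
        if not (start <= ts.time() <= end):
            alerts.append((n, account, "outside access window"))
        if mfa != "yes":
            alerts.append((n, account, "session without MFA"))
    return alerts

if __name__ == "__main__":
    print(*audit_sessions(SAMPLE_LOG, GRANTS), sep="\n")
```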
All this is not to say that third-party vendors have no business accessing your
Responsible vendors can empower enterprises of all sizes with skills and
expertise that may be difficult or impossible to cultivate in-house. To truly
add value, however, all vendors must be fully committed to IT security best
ISSQUARED helps enterprises of all sizes enjoy the benefits of world-class
With Virtual Chief Information Security Officer (vCISO) services from ISSQUARED,
it is easier than ever for companies of all industries, size categories, and
geographies to benefit from true security expertise.