Secure Privileged Access:
Back in the day, virus killing was relatively simple. Turn off the machine, unplug it from the network, install your anti-virus safety boot disk, boot the machine, scan the OS and file system, locate the virus, remove it, check the registry for TSR’s, remove them and then you were back in business.
In today’s Cloud-based “ALWAYS ON” world this approach falls horribly short. It would not be a stretch to say that EVERY internet-facing PC or system has some kind of adware, malware, TSR, or virus on it.
With this in mind, factor in that you do not have admin rights on most of the systems being used to manage your environment by third party vendors, and that they probably will not supply you with their virus scan logs.
So, what can you do to help protect your company from becoming the next data breach headline?
According to the Trustwave 2013 Global Security Report, "63% of the 450 data breaches studied were linked to a third-party component of IT system administration." This is because most current products for third-party remote access don’t offer granular security settings or provide a comprehensive audit trail.
You need to lock down third party vendor access, to improve your network security and compliance.
The first key to any security system is to make it painful for those trying to get at your stuff. But how do you do this while making it simple for third party vendors to continue to do the job you need them to do?
You need to be able to manage this remote access securely and ensure that the following 3 important requirements are met:
1)Start with granular security settings
Control everything, from what systems they can access to what permissions they have once connected
Time limits on remote access sessions (this drives hackers crazy)
Approvals required before starting or changing a session
Alerts for suspicious activity
2) Include a comprehensive audit trail (yes, including command shell sessions)
See exactly who did what and when
Take immediate control, if required
Suspicious activity is now easier to see because time limits are in place
Ensure your third party is actually billing you for hours they worked on your system
3) Support every OS, and scenario
No need to open firewall ports for each vendor
No need for VPN’s
No need to specify the only browsers or OS supported
Support Radius, AD, LDAP or Kerberos
These 3 steps will empower your third party vendors to perform systems management or customer support on your systems.