As businesses have evolved and grown beyond brick and mortar with operations spanning the globe, so has managing the infrastructure to support it. For IT teams that often means facilitating access by external users like consultants, suppliers, and contract workers to support their enterprise datacenter. However, with more data breach investigations revealing exploited third-party credentials as the entry point for the hack, it’s no wonder why the topic of secure remote access can make IT pros skittish.
The 2016 Verizon Data Breach Investigations Report details several incidents, including one about remote vendor access, which we covered in a blog post last quarter.
IT security teams need to identify, manage, and monitor access all privileged access, whether that access is from internal or external users, working on premises or supporting the business remotely.
Here are three tips for ensuring secure remote access:
1) Treat them like they’re one of your own. If your IT strategy is reliant upon partners and you view them as an extension of your workforce, then those external users should adhere to the same security practices as your ‘internal’ workforce. We strongly recommend that you implement least privilege for all accounts – not just for administrators. To accomplish this, start by identifying all managed and unmanaged devices, including those used by third parties, in your IT infrastructure. Then, eliminate all default passwords used on managed systems or devices. Store all credentials in a secure database, then reduce the risk of lost or stolen credentials by systematically rotating passwords for all managed systems.
2) Trust, but verify. Utilize multi-factor authentication to verify users’ identity prior to granting access to servers, apps, and data. Multi-factor authentication can serve as your second line of defense if credentials have been stolen.
3) Keep a bird’s eye view while managing in the weeds. Confidence in your enterprise security will improve knowing that external users are in compliance with your security processes. To achieve that level of confidence, your privileged access management solution should provide complete control, audit, alerting and reporting over all vendor activities. To achieve better visibility and control, establish a workflow for device access when remote vendor access is required. Once access is granted, capture the details of privileged sessions in a recording in case you need to review activities for a future audit. Finally, document all credentials used and requested when remote activity occurs so that you can pinpoint anomalous events such as abnormal device access.
PowerBroker Password Safe enables fast, secure, and reliable access to any device, while enabling you to manage vendor privileges at a very granular level. With Password Safe, you can extend your privileged access management policies to apply to remote vendor activities like:
- Help Desk and Technical Support
- Network Management
- Database Management
- Desktop and Server Management
- Development and DevOps
- Cloud and Virtual Datacenter Management
To read more about our remote vendor access capabilities, check out this data sheet. For more strategies on how to control third-party access to internal systems, you can watch this webinar replay.
Sandi Green, Product Marketing Manager, BeyondTrust
Sandi Green is the Product Marketing Manager for PowerBroker Password Safe, PowerBroker for Windows, and PowerBroker Mac at BeyondTrust. She has over 20 years of sales and solutions marketing experience with technology companies that served a variety of industries ranging from life sciences, human capital management, consumer packaged goods and most recently IT security. When she’s not following the latest trends in Cybersecurity, she’s busy following college football and basketball. Follow her on Twitter at @SandiGreen3.