AUSTIN, Texas, June 24, 2019 /PRNewswire/ -- If a burglar
has the key to your house, having a state-of-the-art lock won't
keep them out. That's exactly what happens when you allow vendors
onto your network with privileged credentials without a solution
that provides proper identity, access, and audit
controls.
When you need to grant privileged access, a new level of
credential management is required. Companies that allow vendors to
access their network must understand these core credential
management best practices. Without following these steps, a vendor
data breach is much more likely to occur.
Lock your credentials in a vault and never share them with
anyone – that's right – ANYONE
- Vendors and privileged users alike should be given single
sign-on (SSO) access methods that prevent them from ever knowing
the credentials they are using for access. With passwords safely
and secretly in a credential vault, passwords will never be placed
on a spreadsheet, written on a sticky note, or sent company-wide in
an email.
Enforce best practices for strong passwords and password
expiration in your vault
- When you aren't circulating credentials to users, you can make
them as complicated as you want and change them just as often
without disrupting the workflow of your users. Set accounts that
use your credentials to expire after a period of inactivity to help
prevent misuse of the credential.
Authenticate individual users of your credentials every
time
- Now that your complex credential is tucked safely away in your
vault, make sure it is only used by authorized users. Use
multi-factor authentication that verifies the individual.
Before you let them use the credential, confirm that the individual
still works for the vendor. For privileged access and high-security
applications, consider using source IP network controls to manage
where your credentials are being used from.
Audit the use of your credentials
- Every time a credential is used, you should know who used it,
why, at what time, for how long, and what was done under the power of
that credential. Make sure the power that comes with the
credentials is being used appropriately and that no one is misusing
your credentials to exploit or damage your network and
systems.
Solutions for access
- VPNs and desktop sharing tools have been the traditional
method of remote vendor access. While VPNs work for employee
access, they do not provide the required level of access control
and audit capabilities necessary for third-party connections.
Review your vendor access procedures and tools to ensure they're
in line with best practices. On the other side, vendors and
contractors should make sure to limit their risk exposure by
utilizing remote support tools that provide their customers with
flexible controls and activity records.
About the Author
Tony Howlett is a published author
and speaker on various security, compliance, and technology topics.
He serves as President of (ISC)2 Austin Chapter and is an Advisory
Board Member of GIAC/SANS. He is a certified AWS Solutions
Architect and holds the CISSP and GNSA certifications and a B.B.A. in
Management Information Systems. Tony is currently the CISO of
SecureLink, a vendor privileged access management company based in
Austin.
About SecureLink
SecureLink is the leader in managing
secure vendor privileged access and remote support for both highly
regulated enterprise organizations and technology vendors. More
than 30,000 organizations across multiple industries including
healthcare, financial services, legal, gaming, and retail rely on
SecureLink's secure, purpose-built platform. SecureLink is
headquartered in Austin,
Texas.
To learn more about the SecureLink platform,
visit securelink.com.
Contact:
Richard Weber
richard@austinmarketingconnection.com
T. 512-971-0453
SOURCE SecureLink