
11/9/2020 09:00 AM
Tony Howlett, CISO at SecureLink
Sponsored Article

Third-Party Remote Access Is Your Network's Weakest Link

Learn how you can keep your company's data safe and what role VPNs, phishing attacks, and privileged credentials play in relation to vendor access management.

Third parties, contractors, and vendors are a major source of data-breach risk. Breaches that originate with them can cost an organization millions of dollars, and they are growing both in size and in frequency. Research cited here shows that nearly half of all data breaches involve a third party or vendor. Many organizations have deployed tools intended to reduce third-party cyber-risk, but most of those tools are poorly matched to the problem, consume staff time, and still end up granting third parties far more access than their work requires. To protect your data against the risks that come with third-party access, you should invest in a vendor access management solution.

Attackers often break into companies through third-party access because it is frequently the weakest link in the network. What makes it even more attractive is that a vendor often holds access to many customer networks, so compromising one vendor can yield data from many victims for the effort of a single intrusion. Organizations need to be deliberate about the access they grant to third parties and watch the most common paths attackers take to abuse it.

VPNs — Nothing but Access
Virtual private networks (VPNs) are used by nearly every organization, and demand for them has only grown with the increase in remote work. A VPN is the right tool for connecting your own remote employees to internal resources, but that is where its usefulness ends. A VPN authenticates the remote endpoint and encrypts traffic between it and your network; once the tunnel is up, the remote user typically lands on an internal network segment with whatever reachability that segment allows. The VPN itself does not enforce which systems a particular vendor may touch, for how long, or with which accounts, and it does not record what was done inside the session.

Organizations need to ensure that every external third party has secure access to only the networks, systems, and information it needs, and nothing else. With a vendor access management solution, each vendor user is granted access only to the specific resources required for the job, for a defined period, while remaining compliant with the regulations and industry requirements that apply. A vendor-specific solution limits a session to what matters for that engagement, rather than handing the vendor the same broad network reachability an employee VPN connection provides.

Phishing Attacks From the Outside
Phishing has become extremely sophisticated, and research cited here shows that roughly 90% of data breaches begin with a phishing attack. Organizations may run internal phishing simulations to teach employees how to recognize and report a phishing attempt, but those programs cover only the people you directly employ. Your third parties may be untrained and susceptible to a phishing attack that inadvertently compromises your network, especially when their connection comes through a VPN or another tool that was never designed for vendor access. To protect against phishing, everyone who connects to your environment, vendors included, should receive regular phishing simulation tests and security awareness training. Training lowers the odds of a successful phish but does not make a vendor account un-phishable, which is why the access behind that account must itself be limited.

The Dangers of Ransomware
Ransomware is another common danger that insecure third-party access invites. The cost of ransomware attacks surpassed $7.5 billion in 2019, with downtime costs increasing 200% year-over-year. Ransomware has caused severe outages across many industries that operate critical infrastructure.

Beyond being expensive, ransomware attacks can endanger public safety, so organizations need information security systems that are prepared to withstand them. That means a well-rounded cybersecurity strategy that tracks third-party activity and surfaces signs of compromise early, before an intruder who arrived through a vendor connection can spread and encrypt.

Privileged Credentials Are a Threat
Credentials are not, and should not be, created equal. Privileged or administrative credentials reach vastly more resources than regular user accounts and can grant further privileges to other users when necessary. External third parties should almost never be given this level of access. Even when a vendor representative has no bad intentions, an attacker who co-opts that representative's machine through phishing or another attack inherits the credentials on it and can use them to move into your network and systems. It is therefore critically important for organizations to oversee and regularly audit all third-party activity, and to treat any privileged use by a vendor account as an exception that must have been explicitly granted.

Organizations need a vendor access management solution that grants the access a vendor requires in a controlled way and prevents that access from becoming a compromise. Credentials written on a sticky note or, worse, sent to a vendor in a plaintext email do not cut it anymore; they leave the organization with no way to know who holds the credential, when it was used, or whether it was ever revoked. Organizations need a solution built specifically for managing vendors so that they have full visibility into vendor access and a single place from which to grant, limit, and revoke it.
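The two controls the VPN and privileged-credentials sections argue for, a narrow time-bounded scope per vendor and a review of every third-party session against that scope, can be shown in a few dozen lines. The following is an added illustration written for this page; it is not SecureLink's product code or any real access log format. The vendor grants, the privileged-account list, and the session log lines are all constructed, and the log format (timestamp followed by key=value pairs) is an assumption chosen for readability.

```python
"""Scope-and-audit check for third-party access sessions.

Added example, not product code. It models (1) an explicit, time-bounded
grant per vendor, and (2) an audit pass that flags any session that falls
outside the grant: wrong destination, wrong port, expired window, use of
a privileged account the vendor was never granted, or an unknown vendor.
Every grant and log line below is constructed for illustration.
"""
from __future__ import annotations

import ipaddress
from dataclasses import dataclass
from datetime import datetime, timezone


@dataclass(frozen=True)
class VendorGrant:
    vendor: str
    allowed_networks: tuple[str, ...]  # CIDRs the vendor may reach
    allowed_ports: frozenset[int]      # TCP ports permitted on those hosts
    privileged: bool                   # may the vendor use admin accounts at all?
    not_before: datetime
    not_after: datetime


# Constructed grants: an HVAC contractor confined to one building-control
# subnet over HTTPS, and an ERP support vendor explicitly granted root/SSH
# on one application subnet for the same month.
GRANTS = {
    "hvac-contractor": VendorGrant(
        "hvac-contractor", ("10.50.0.0/24",), frozenset({443, 8443}), False,
        datetime(2020, 11, 1, tzinfo=timezone.utc),
        datetime(2020, 11, 30, tzinfo=timezone.utc)),
    "erp-support": VendorGrant(
        "erp-support", ("10.20.3.0/24",), frozenset({22}), True,
        datetime(2020, 11, 1, tzinfo=timezone.utc),
        datetime(2020, 11, 30, tzinfo=timezone.utc)),
}

# Accounts considered privileged in this (constructed) environment.
PRIVILEGED_ACCOUNTS = frozenset({"domain_admin", "root", "administrator"})

# Constructed session log: ISO timestamp, then key=value fields.
SAMPLE_LOG = """\
2020-11-09T14:02:11Z vendor=hvac-contractor dst=10.50.0.17 port=443 account=vendor_hvac
2020-11-09T14:05:40Z vendor=hvac-contractor dst=10.10.1.5 port=445 account=vendor_hvac
2020-11-09T15:10:00Z vendor=hvac-contractor dst=10.50.0.17 port=443 account=domain_admin
2020-12-03T09:00:00Z vendor=hvac-contractor dst=10.50.0.17 port=443 account=vendor_hvac
2020-11-09T16:00:00Z vendor=unknown-vendor dst=10.50.0.17 port=443 account=svc_x
2020-11-10T10:00:00Z vendor=erp-support dst=10.20.3.4 port=22 account=root
"""


def parse_line(line: str) -> dict:
    """Turn one log line into a dict with typed ts and port fields."""
    ts, *kvs = line.split()
    rec = dict(kv.split("=", 1) for kv in kvs)
    rec["ts"] = datetime.fromisoformat(ts.replace("Z", "+00:00"))
    rec["port"] = int(rec["port"])
    return rec


def check_session(rec: dict, grants: dict = GRANTS) -> list[str]:
    """Return violation tags for one session; an empty list means in scope."""
    grant = grants.get(rec["vendor"])
    if grant is None:
        return ["unknown-vendor"]  # no grant at all: nothing else to evaluate
    violations = []
    if not (grant.not_before <= rec["ts"] <= grant.not_after):
        violations.append("outside-grant-window")
    dst = ipaddress.ip_address(rec["dst"])
    if not any(dst in ipaddress.ip_network(n) for n in grant.allowed_networks):
        violations.append("destination-out-of-scope")
    if rec["port"] not in grant.allowed_ports:
        violations.append("port-out-of-scope")
    if rec["account"] in PRIVILEGED_ACCOUNTS and not grant.privileged:
        violations.append("privileged-account-not-granted")
    return violations


def audit(log_text: str, grants: dict = GRANTS) -> list[tuple[str, list[str]]]:
    """Run every non-empty line through check_session; keep only violations."""
    findings = []
    for line in log_text.splitlines():
        if not line.strip():
            continue
        tags = check_session(parse_line(line), grants)
        if tags:
            findings.append((line, tags))
    return findings


if __name__ == "__main__":
    for line, tags in audit(SAMPLE_LOG):
        print(", ".join(tags), "<-", line)
```

Run stand-alone, the script flags four of the six constructed sessions: the HVAC contractor reaching a host on another subnet over SMB, the same contractor logging in as domain_admin, a session after the grant expired, and a vendor with no grant at all. The ERP support session using root passes only because its grant sets privileged to True; the point is that privileged use by a vendor is never implicit.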

Whether it is an outside vendor or a contractor, the security of any third party that holds credentials to your network must be taken seriously. Organizations need to think about data governance holistically and take responsibility for protecting their data wherever it resides. If a company is not diligent in putting in place a solid, ongoing third-party and vendor management program to secure vendor access, and following it up with good oversight and audit, then the sins of the third party may become the sins of the company.

About the Author
Tony Howlett is a published author and speaker on various security, compliance, and technology topics. He serves as President of (ISC)2 Austin Chapter and is an Advisory Board Member of GIAC/SANS. He is a certified AWS Solutions Architect and holds the CISSP, GNSA certifications, and a B.B.A. in Management Information Systems. Currently, Tony is the CISO at SecureLink, a vendor privileged access management company based out of Austin, Texas.
