Third parties – including vendors, service providers, independent consultants, contractors, and partners – often need access to your network to conduct essential business and IT operations, but that access shouldn’t be as simple as ‘on’ or ‘off’. In order to conduct business safely, IT organisations must be in control of centralised vendor access pathways that allow them to enforce access control policies and record and monitor all third-party activity.
And though organisations can’t just cut off vendor access altogether, it doesn’t mean you have to hand over the keys to the kingdom. Here are five actions that can make a big impact on improving vendor access:
- Consolidate remote access tools—require all of your vendors (and internal employees) to use a single, centralised remote access solution to connect to systems and applications on your network.
- Shut off all other remote access—block access from any unapproved remote access tools to eliminate open ports that are often compromised by hackers.
- Enforce unique credentials and multi-factor authentication—require every third-party technician who accesses your network to use unique credentials and two-factor authentication to reduce the risk of stolen vendor credentials and improve compliance.
- Employ granular permissions—choose a remote access tool that includes permission settings by vendor or team so you can restrict which systems third parties can directly access, and when.
- Capture a secure audit trail and set up alerts—capture a secure audit trail of every action third-parties execute on your systems, and set up alerts for abnormal activities.
For a more detailed report on these five steps, download this whitepaper.
To find out how Bomgar helps make remote support secure, visit www.bomgar.com or stop by Stand 69 & 70 at UCISA 2014.