Your Vendors: Cold Beer or Malicious Attack Vector?

Your Vendors: Cold Beer or Malicious Attack Vector?

Your Vendors: cold Beer or Malicious Attack VectorThe word vendor may be most frequently associated with a guy selling beer or tossing bags of peanuts at your local stadium. Good times. Back at the office, there’s an entirely different kind of vendor: the one whose software is the backbone of your business operation.

Vendors are an important and potentially devastating population of users that should be handled with extreme care. Even a mid-size hospital will have 100 or more third parties that require remote access to service and support the MRI machine, the patient billing system and/or the electronic medical records platform.

Target disclosed that a vendor credential was a key component of its breach. A compromised administrator login was used to install malware that scooped credit card data and transferred it to a remote server. How did the attackers get network access to exploit the login? This story begins much earlier than what’s being reported.

There are two key things that make vendors very different than employees. First, one vendor may have thousands of individual technicians. Without the right controls, a login given to Tom on Tuesday may be used by Wendy on Wednesday. Credentials are not only stored in the vendor’s CRM system, they’re written on sticky notes affixed to monitors around the world.

Secondly, vendors require admin rights to their systems. As we learned in the Target breach, the network privileges granted to an admin are extremely powerful.  Your employees can view a sales report; your vendors can copy a database.

So, what to do? Here are my five golden rules for managing vendor access:

  1. Be aware. Vendors are not typical users and should be treated as very special guests.
  2. Have a realistic policy. Insist on individual logins and demand accountability, but don’t expect a technician to send you a copy of her passport. It’s not going to happen.
  3. Integrate policy in your purchasing process. Remote access should be negotiated before the vendor needs it. If your POS system is down, your IT staff (or someone else) is going to open a door that may be left open. The best time to negotiate access methodology is when the software is being purchased (amazing how accommodating the salespeople are at that time) or when your maintenance/subscription agreement is being renewed.
  4. Control the platform. If left to their own devices, a vendor may choose a remote support method (often a simple screen-sharing tool) that meets their needs more than yours. Your platform should support multi-factor authentication, provision granular access privileges, keep credentials private and audit all activity at the individual user level.
  5. Monitor vendor activity. While it may not be practical to track every keystroke, a consistent audit of vendor remote access should create alarms when a server is accessed repeatedly or large files are being transferred outside the network.

Managing vendor access is a critical component of any network security strategy. With awareness, proper policy and the right platform, it’s possible to avoid a malicious visit from these very special guests.

About the Author

Jeff Swearingen is co-founder and CEO of SecureLink, an Austin, TX-based software company that helps manage the chaotic space between enterprise technology vendors and their customers.

Featured

  • Cloud Adoption Gives Way to Hybrid Deployments

    Cloud adoption is growing at an astonishing rate, with Gartner forecasting that worldwide public cloud end-user spending will approach $600 billion by the end of this year—an increase of more than 21% over 2022. McKinsey believes that number could eclipse $1 trillion by the end of the decade, further underscoring the industry’s exponential growth. Read Now

  • AI on the Edge

    Discussions about the merits (or misgivings) around AI (artificial intelligence) are everywhere. In fact, you’d be hard-pressed to find an article or product literature without mention of it in our industry. If you’re not using AI by now in some capacity, congratulations may be in order since most people are using it in some form daily even without realizing it. Read Now

  • Securing the Future

    In an increasingly turbulent world, chief security officers (CSOs) are facing a multitude of challenges that threaten the stability of businesses worldwide. Read Now

    • Guard Services
  • Security Entrances Move to Center Stage

    Most organizations want to show a friendly face to the public. In today’s world, however, the need to keep people safe and secure has become a prime directive when designing and building facilities of all kinds. Fortunately, there is no need to construct a fortress-like entry that provides that high level of security. Today’s secured entry solutions make it possible to create a welcoming, attractive look and feel at the entry without compromising security. It is for this reason that security entrances have moved to the mainstream. Read Now

Featured Cybersecurity

New Products

  • Camden CV-7600 High Security Card Readers

    Camden CV-7600 High Security Card Readers

    Camden Door Controls has relaunched its CV-7600 card readers in response to growing market demand for a more secure alternative to standard proximity credentials that can be easily cloned. CV-7600 readers support MIFARE DESFire EV1 & EV2 encryption technology credentials, making them virtually clone-proof and highly secure. 3

  • Luma x20

    Luma x20

    Snap One has announced its popular Luma x20 family of surveillance products now offers even greater security and privacy for home and business owners across the globe by giving them full control over integrators’ system access to view live and recorded video. According to Snap One Product Manager Derek Webb, the new “customer handoff” feature provides enhanced user control after initial installation, allowing the owners to have total privacy while also making it easy to reinstate integrator access when maintenance or assistance is required. This new feature is now available to all Luma x20 users globally. “The Luma x20 family of surveillance solutions provides excellent image and audio capture, and with the new customer handoff feature, it now offers absolute privacy for camera feeds and recordings,” Webb said. “With notifications and integrator access controlled through the powerful OvrC remote system management platform, it’s easy for integrators to give their clients full control of their footage and then to get temporary access from the client for any troubleshooting needs.” 3

  • Compact IP Video Intercom

    Viking’s X-205 Series of intercoms provide HD IP video and two-way voice communication - all wrapped up in an attractive compact chassis. 3