CyberArk Security Brief: Securing Third-Party Remote Access, a Weak Link in Enterprise IT
CyberArk (NASDAQ: CYBR), the company that protects organisations from cyber attacks that have made their way inside the network perimeter, today released a new security brief to protect organisations against cyber attacks through third-party remote access points. The brief, “Securing Remote Vendor Access with Privileged Account Security,” and accompanying Infographic can be downloaded for free: www.cyberark.com/remote-vendor.
“It’s no secret that attackers target the weakest links in IT security, which are often found in accounts provisioned to third-parties for network access,” said John Worrall, Chief Marketing Officer, CyberArk. “Often, these smaller third-party organisations have less sophisticated security policies and controls than the target companies, providing an open backdoor for attackers. With the proper privileged account security controls in place, organisations can provide the network access required for business efficiency while maintaining consistent security across all types of accounts – internal and external.”
The Third-Party, Remote Access Problem
High-profile attacks reveal that malicious hackers target third-party vendors and supply chain partners as a backdoor into their primary target. Organisations in every industry provide network access to third-party vendors, which range from services companies and suppliers to external consultants.
Attackers target less secure partners to compromise remote access points, steal and exploit privileged credentials, and gain access to targeted networks. From here, attackers can elevate privileges, move laterally through the network, and execute their attack goals while completely circumventing the targeted company’s defences.
According to recent research , attackers are increasingly targeting this soft spot in cyber security:
- 60 per cent of organisations allow third-party vendors remote access to internal networksˡ
-Top U.S. banks and credit companies average nearly 20,000 third-party suppliers²
-Most leading institutions have 200-300 high-risk, third-party relationships²
-Third-party errors increase the cost of a data breach by as much as $43 per record in the U.S.³
-100 per cent of advanced attacks exploit privileged credentials4
-63 per cent of data breaches are caused by security vulnerabilities introduced by third parties5
-58 per cent of organisations have no confidence that their third-party vendors are securing and monitoring privileged access to their networkˡ
The CyberArk security brief provides organisations with guidance on how to address remote vendor access as a privileged access point that requires tight security controls. Topics covered include: approaches for managing and securing third-party credentials, how to isolate and monitor external sessions, and the importance of threat detection capabilities in security solutions for third-party access.
To download and use the CyberArk Infographic “Third-Party Access: The Hidden Weak Spot Exploited by Attackers,” please visit: www.cyberark.com/remote-vendor-infographic.
To download a free copy of CyberArk’s security brief on securing remote vendor access, please visit: www.cyberark.com/remote-vendor.