finanzen.net
25.06.2019 01:21
Bewerten
(0)

SecureLink Offers Vendor Breach Avoidance in Simplest Terms

AUSTIN, Texas, June 24, 2019 /PRNewswire/ -- If a burglar has the key to your house, having a state-of-the-art lock won't keep them out. That's exactly what happens when you allow vendors onto your network with privileged credentials without a solution that provides proper identity, access, and audit controls. 

Two-step Password Verification

When you need to grant privileged access, a new level of credential management is required. Companies that allow vendors to access their network must understand these core credential management best practices. Without following these steps, a vendor data breach is much more likely to occur.  

Lock your credentials in a vault and never share them with anyone – that's right – ANYONE

  • Vendors and privileged users alike should be given single sign-on (SSO) access methods that prevent them from ever knowing the credentials they are using for access. With passwords safely and secretly in a credential vault, passwords will never be placed on a spreadsheet, written on a sticky note, or sent company-wide in an email.

Enforce best practices for strong passwords and password expiration in your vault

  • When you aren't circulating credentials to users, you can make them as complicated as you want and change them just as often without disrupting the workflow of your users. Set expirations on accounts using your credentials to expire after a period of inactivity to help prevent misuse of the credential.

Authenticate individual users of your credentials every time

  • Now that your complex credential is tucked safely away in your vault, make sure it is only used by authorized users. Use a multi-factor authentication that verifies the individual.  Before you let them use the credential, confirm that the individual still works for the vendor. For privileged access and high-security applications, consider using IP source network control to manage where they are using your credentials from.

Audit the use of your credentials

  • Every time a credential is used you should know who used it, why, what time, for how long, and what was done under the power of that credential. Make sure the power that comes with the credentials is being used appropriately and that no one is misusing your credentials to exploit or damage your network and systems.

Solutions for access

  • VPNs and desktop sharing tools have been the traditional method of remote vendor access. While VPNs work for employee access, they do not provide the required level of access control and audit capabilities necessary for third-party connections.

Review your vendor access procedures and tools to ensure they're in line with best practices. On the other side, vendors and contractors should make sure to limit their risk exposure by utilizing remote support tools that provide their customers with flexible controls and activity records.

About the Author
Tony Howlett is a published author and speaker on various security, compliance, and technology topics. He serves as President of (ISC)2 Austin Chapter and is an Advisory Board Member of GIAC/SANS. He is a certified AWS Solutions Architect and holds the CISSP, GNSA certifications, and a B.B.A in Management Information Systems. Tony is currently the CISO of SecureLink, a vendor privilege access management company based in Austin.

About SecureLink
SecureLink is the leader in managing secure vendor privileged access and remote support for both highly regulated enterprise organizations and technology vendors. More than 30,000 organizations across multiple industries including healthcare, financial services, legal, gaming, and retail rely on SecureLink's secure, purpose-built platform. SecureLink is headquartered in Austin, Texas.

To learn more about the SecureLink platform, visit securelink.com.

Contact:

Richard Weber
richard@austinmarketingconnection.com 
T. 512-971-0453

Cision View original content to download multimedia:http://www.prnewswire.com/news-releases/securelink-offers-vendor-breach-avoidance-in-simplest-terms-300873782.html

SOURCE SecureLink

Anzeige
Anzeige
Börse Stuttgart Anlegerclub

Die richtige Strategie für die Börsenkrise

Stecken Sie nicht den Sand in den Kopf, sondern kaufen Sie die richtigen Aktien. Erfahren Sie im aktuellen Anlegermagazin mehr über attraktive Qualitätsaktien und zyklische Aktien
Kostenfrei registrieren und lesen!

Heute im Fokus

DAX geht etwas fester ins Wochenende -- Dow Jones im Minus -- Wirecard: Zusammenarbeit mit Aldi -- Zipse wird neuer BMW-Vorstandschef -- Software AG, Bayer, Sartorius, Microsoft, Boeing im Fokus

Pfeiffer Vacuum passt Prognose nach Quartalszahlen an. American Express meldet Gewinnsprung. Ex-Automanager Ghosn reicht Klage gegen Nissan und Mitsubishi ein. NORMA passt Jahresprognose an. Heidelberger Druck-Aktien setzen Kurseinbruch fort. AB InBev verkauft Australien-Geschäft. Munich Re erzielt Milliarden-Gewinn.

Die 5 beliebtesten Top-Rankings

Die 12 toten Topverdiener 2019
Diese Legenden sind die bestbezahlten Toten der Welt
Das hat sich geändert
Diese Aktien hat George Soros im Depot
Big-Mac-Index
In welchen Ländern kostet der Big Mac wie viel?
Die Länder mit den größten Goldreserven 2019
Wer lagert das meiste Gold?
In diesen Berufen bekommt man das niedrigste Gehalt
Welche Branchen man besser meiden sollte.
mehr Top Rankings

Umfrage

Wo sehen Sie den DAX Ende 2019?

Online Brokerage über finanzen.net

finanzen.net Brokerage
Handeln Sie für nur 5 Euro Orderprovision* pro Trade aus der Informationswelt von finanzen.net!

ETF-Sparplan

Oskar ist der einfache und intelligente ETF-Sparplan. Er übernimmt die ETF-Auswahl, ist steuersmart, transparent und kostengünstig.
Zur klassischen Ansicht wechseln
Kontakt - Impressum - Werben - Pressemehr anzeigen
Top News
Beliebte Suchen
DAX 30
Öl
Euro US-Dollar
Bitcoin
Goldpreis
Meistgesucht
Microsoft Corp.870747
Deutsche Bank AG514000
Scout24 AGA12DM8
Daimler AG710000
Apple Inc.865985
Amazon906866
Mowi924848
Sixt SE St.723132
BMW AG519000
Canada Carbon IncA1J5XH
E.ON SEENAG99
AbbVie IncA1J84E
ENCAVIS AG609500
Watsco Inc.885676
ExxonMobil Corp. (Exxon Mobil)852549