Scott Braynard, VP of Public Sector for Bomgar, a remote support solutions provider that has been making inroads into the access management market, has an article out on Government Technology, a web news site dedicated to IT’s role in state and local governments, and it is worth your time. Scott has some advice for those who are concerned about recent public sector data breaches (and those who are not, because they should be) and are afraid the same thing could happen to them. First, he outlines a key vulnerability, third-party access:
The vulnerability in many recent data breaches in both the public and private sectors has been third-party access points, which follows the findings of the 2013 Trustwave Global Security Report. That report found remote access or remote desktop services as a leading vector through which hackers are infiltrating networks, accounting for nearly half of the breaches studied. Another study by Verizon found that remote access tools were used in 88 percent of hacking-related data breaches.
Once hackers are in, they tend to go for accounts that have what Scott terms “privileged access,” such as high-level admin rights, in order to cause as much damage and steal as much data as possible. The solution is a layered approach to security, with one layer being something called “privileged account management” (PAM) or the management of identities and accounts that have privileged access to the rest of a network.
As part of PAM and dealing with third-party access, which to me looks like Bomgar’s branding strategy for its IAM solution to differentiate itself in the market, Scott says you should focus on a couple of major solution areas. Specifically, you need to assess the number of remote access tools in use and their permission settings. Remote access tools can often proliferate beyond IT’s control if not kept in check, resulting in numerous security risks. A review of permission settings should focus on making sure that those who need access to a certain part of the network get that access and no more.
Scott also recommends you implement a solution that centrally audits and records all remote access attempts and sessions, offers unique log-in credentials for all third-party users, and implements multi-factor authentication. These are all features, of course, that Bomgar offers as part of its remote access toolset solution.