![\"New](\"https:\/\/solutionsreview.com\/identity-management\/files\/2019\/08\/2019-SIEM-CEO-MAIN-MOD.jpg\")
<\/p>\n<\/p>\n
What are some new third-party identity security challenges your enterprise must face in the coming year? Why do these matter now more than ever?\u00a0<\/span><\/p>\n Recently, the SolarWinds hack – already one of the worst in history – took on a new dimension. In addition to hackers affiliated with the Russian government, it appears that hackers possibly associated with the Chinese government also exploited a vulnerability. This vulnerability exploit allowed this hacking group access to the US Department of Agriculture’s National Finance Center.<\/span><\/p>\n The incident reveals the perils inherent in working with third parties. A third-party refers to another business that maintains access to your network, often to fulfill critical tasks. These can involve cybersecurity, financial data, human resources, and more. Almost no business today can function without employing at least a few third parties in their work processes.\u00a0<\/span><\/p>\n However, third parties open new cybersecurity<\/a> challenges for enterprises of all sizes. For example, one of the most famous breaches of the modern age, the Target Breach, involved a third party; in that incident, hackers exploited an HVAC company with Target network access to steal millions of credit cards.\u00a0<\/span><\/p>\n So your business needs to recognize the importance of third-party identity security. But where can you begin?\u00a0<\/span><\/p>\n Yes, it really can come down to something this simple. Katie Nickels, Director of Intelligence at <\/span>Red Canary<\/span><\/a>, gave this statement to <\/span>Wired<\/span><\/a>: \u201cWhat we saw for the first week or two, even after the initial SolarWinds revelations, was some organizations just trying to figure out whether they even use SolarWinds products. So I think the shift has to be to knowing [their] dependencies and understanding how they should and shouldn\u2019t be interacting.\u201d<\/span><\/p>\n Do you have a complete understanding of all the third parties that operate on your network? Does your organization have a concrete, systematic process for onboarding and offboarding third parties? Are all business partners subject to third party identity security processes?\u00a0<\/span><\/p>\n These aren\u2019t idle questions. You need a higher level of visibility than you might realize to best secure your IT environment.<\/span><\/p>\n
Widget not in any sidebars
\nThird-Party Identity Security: What You Need to Know<\/b><\/h2>\n
1. What Third-Parties Does Your Business Work With?\u00a0<\/b><\/h3>\n
2. What Privileges Do Your Third Parties Possess?<\/b><\/h3>\n