Mitigating the Dangers of Remote Login Accounts

Share and earn Cybytes
Facebook Twitter LinkedIn Email

When strengthening your insider threat security posture, it is crucial that third party access is not over looked. The term “insider” is defined as a current or former employee, contractor, or business partner who has or had authorized access to the organization’s network, systems, or data. An insider threat is when an insider intentionally or unintentionally misuses access to negatively affect the confidentiality, integrity, or availability of the organization’s critical information or system. Research has shown that a massive amount of data breaches are accomplished via remote access to a company’s systems.  The most common of these channels are Virtual Private Network (VPN), Remote Desktop Protocol (RDP), Microsoft’s Terminal Services, Citrix XenDesktop and Citrix XenApp Published Applications, and Secure Shell (SSH).

Because the remote accounts used in these breaches are authorized by IT, traditional perimeter defense systems have challenges addressing what users are doing with authorized access.

“I know when users are logging in and I know when users log out. What they are doing when they are in … I have no idea.” – CISO, Fortune 500 Company

To defend against the abuse of these accounts – both by authorized account users and compromised insiders– it is imperative organizations monitor exactly what remote users are doing on critical assets once access is granted. The remote IT Contractor is here to stay. Remote contractors and their employees have become an integral part of day-to-day IT operations in most organizations. Internet-based remote access systems are critical for numerous business function providers, including:

  • Outsourced software developers and QA teams
  • Outsourced software application configuration/customization consultants
  • Outsourced database administrators
  • Managed service providers responsible for servers, network equipment (firewalls, routers, switches, etc.) and even entire data centers
  • Managed service providers responsible for employee desktops (operating systems, user -permissions, software applications)
  • Outsourced employee technical support and help desk services

Read the rest of the blog here >

Share this post and earn Cybytes
Facebook Twitter LinkedIn Email
About ObserveIT
ObserveIT is a user monitoring and investigation solution that identifies and eliminates insider threats. It continuously monitors user behavior and alerts IT and Security teams about activities that put their organizations at risk. ObserveIT provides comprehensive visibility into what all users are doing, while meeting compliance standards and reducing investigation time from days or hours to minutes.
Promoted Content
[report] 2018 Cost of Insider Threats: Global Organizations
According to The Ponemon Institute’s report, “2018 Cost of Insider Threats: Global Organizations,” the average cost of an insider threat annually is $8.76 million. It’s critical for organizations to understand the main causes of insider threats, because detecting insiders in a timely manner could save millions of dollars. Depending on the industry and size of company, the cost of an insider threat varies dramatically. Check out the full report to see The Ponemon Institute’s findings, and understand how to detect and prevent insider threats in the future.

Our Revolution

We believe Cyber Security training should be free, for everyone, FOREVER. Everyone, everywhere, deserves the OPPORTUNITY to learn, begin and grow a career in this fascinating field. Therefore, Cybrary is a free community where people, companies and training come together to give everyone the ability to collaborate in an open source way that is revolutionizing the cyber security educational experience.

Support Cybrary

Donate Here to Get This Month's Donor Badge


We recommend always using caution when following any link

Are you sure you want to continue?