How To Protect Against Attacks Via Third-Party Vendors

The breach of Target’s system can be traced back to an HVAC services provider that was given access to the network. With this information coming to light, awareness of third-party vendor vulnerabilities is at an all time high. Security consultant John H. Sawyer has a number of recommendations for protecting your business against the vulnerabilities that can arise by giving a trusted third-party access to your network.

He recommends that you should make sure your vendors have security polices that are “regularly reviewed, updated, and enforced”. There should also be a validation of effectiveness of these policies. These vendors should also only be given access to areas of the network that are absolutely needed, and no more. Once the access is no longer needed, it should be removed.

Remember that your business data is yours to protect. Even well-trusted vendors should be considered untrusted when given access to your network. It is your responsibility ti make sure all access to your data is secure at all times.

Tech Insight: How To Protect Against Attacks Via Your Third-Party Vendors- Dark Reading