search.noResults

search.searching

saml.title
dataCollection.invalidEmail
note.createNoteMessage

search.noResults

search.searching

orderForm.title

orderForm.productCode
orderForm.description
orderForm.quantity
orderForm.itemPrice
orderForm.price
orderForm.totalPrice
orderForm.deliveryDetails.billingAddress
orderForm.deliveryDetails.deliveryAddress
orderForm.noItems
Security S


upply chain attacks are on the rise – the UK’s National Cyber Security Centre issued fresh guidance and warned that just over one in ten businesses review the risks posed


by their immediate suppliers (13%), and the proportion for the wider supply chain is just 7%. Attacks in the IT supply chain tend to exploit relationships


that businesses may have with suppliers, their products, or the services they use. Tey do this because it is easier to gain access to a poorly equipped vendor via a third party than to directly do it via an MSP’s network protected by firewalls, xDRs or detection soſtware. One of the reasons this is happening could be because there is an abundance of security and SaaS tools, which is pushing bad actors to find a route indirectly. A very recent example could be the MOVEit hack which


gained access to multiple companies in one go via a breach in payroll soſtware. And this is not just happening in the UK, but worldwide.


Te recent compromise of SITA, a multinational IT company providing services to the air transport industry, led to an attack vector on several aviation companies working with SITA, including some members of the Star Alliance, which has some of the biggest names in the aviation industry. How do bad actors manage to exploit third-party


relationships and gain access? A recent study by Wavestone found that out of all attacks analysed, hackers had a domain account with the highest privilege level. This can unfortunately happen when MSPs are regularly confronted with connections from vendors or service providers in charge of deploying, maintaining, or fixing a part of their information system (IS). This may take place in a data centre or in cloud services used for business or office applications. These accesses can involve several dozens of different providers, even hundreds in some cases. MSPs can have several dozen vendor users with privileged


accounts, under conditions that are not under the MSP’s control, which is critical for the security of the MSP’s IS. What’s more, the MSP sometimes may not know whether the users that have access to privileged accounts are still working for their vendors. So, what can be done? MSPs can’t just refuse to give privileged


access to their vendors when they need it. Tis is where a Vendor Privileged Access Management


(vPAM) solution is useful, which is offered by innovative platforms such as cyberelements. vPAM is a combination of the benefits of Privileged Access Management (PAM) for managing privileged accounts and Zero Trust Network Access (ZTNA) for secure access to resources. Trough a PAM, MSPs can monitor privileged sessions,


secure privileged accounts, control authorisations and provide Just-In-Time access. Tis enables IT managers to know at any time exactly who is connected to what, and even to know precisely the actions carried out via a video recording of privileged sessions, allowing them to quickly find the origin of a suspicious modification on a server or an application. A vPAM automatically injects privileged accounts when the vendor logs in, so it does not have the associated credentials, removing the risk of these being stolen from a vendor’s network.


www.pcr-online.biz Trough a vPAM, IT managers can easily identify who has the


right to connect to what, and to ensure that a provider cannot connect in the middle of the night if it is not necessary. Tis is possible because a vPAM allocates access rights to privileged resources and access conditions to specific vendor users. Trough such solutions, IT managers can also easily control


access approvals and have an approval workflow mechanism, so that resources and sensitive files are always protected. Tis is all enhanced by a ZTNA which secures network access


and implements multi-factor authentication (MFA). Technically speaking, a ZTN is a security model which


maintains strict access controls and does not trust any device, user or process by default, even if connected to a permissioned network. The ZTN approach advocates mutual authentication and provides access to the network based on the confidence of device identity and device health in combination with user authentication. In plainer words, a ZTN only allows certain actions in your


network by certain users or processes. It creates a vacuum between your data centre and your end users in the office or at home if they’re remote or contractors. A ZTN is also very important because it turns your data into information on the cloud, rather than allowing your users to have access to the hard assets, and makes it of value if only used for a specific reason. For maximum security though it’s vital that organisations


combine their PAM and ZTNA with intuitive solutions such as passwordless FIDO authentication keys for each end user. Tat way they can help eliminate phishing and reduce the threat of ransomware while constantly monitoring for new threats. By implementing modern-day platforms, IT managers can


have an eagle-eye view of their customers’ networks. Tey can provide access quickly and securely without having to verify access rights and change passwords regularly. Not only IT managers have it easier, but also customers gain autonomy and don’t have to regularly phone their IT suppliers for access. MSPs can also prevent malicious or clumsy actions on a critical application or server by separating their business and blocking unexpected actions in real-time, and simplifying business continuity by being able to recover changes made quickly aſter the fact. Te cybersecurity landscape is fast-changing with new


threats constantly evolving. Tat’s why what is even more important than choosing the right platform is education and training. Vendors, MSPs and channel partners need to get on the same page when it comes to understanding the current and evolving cybersecurity threats. Tis should go beyond the traditional “training” of how to use a particular tech stack, but giving partners and customers the whole picture of the cybersecurity landscape. Tis could include tutorials on how to spot weak links in your system, how to spot potential threats or masterclasses on new and evolving cyber threats. Te times are changing and the IT channel has to get on board, otherwise, it risks not only cyber-attacks, but also monetary and reputational damage. We must do all our part together. And to quote Helen Keller, “alone we can do so little; together we can do so much”.


July/August 2023 | 39


Page 1  |  Page 2  |  Page 3  |  Page 4  |  Page 5  |  Page 6  |  Page 7  |  Page 8  |  Page 9  |  Page 10  |  Page 11  |  Page 12  |  Page 13  |  Page 14  |  Page 15  |  Page 16  |  Page 17  |  Page 18  |  Page 19  |  Page 20  |  Page 21  |  Page 22  |  Page 23  |  Page 24  |  Page 25  |  Page 26  |  Page 27  |  Page 28  |  Page 29  |  Page 30  |  Page 31  |  Page 32  |  Page 33  |  Page 34  |  Page 35  |  Page 36  |  Page 37  |  Page 38  |  Page 39  |  Page 40  |  Page 41  |  Page 42  |  Page 43  |  Page 44  |  Page 45  |  Page 46  |  Page 47  |  Page 48  |  Page 49  |  Page 50  |  Page 51  |  Page 52