Third-party access: the forgotten security risk – TechRadar

Nearly every organisation today relies on a variety of remote third-party vendors to access, maintain, and support critical internal systems and resources. These vendors have come to play a critical role in maintaining modern organisations’ complex and distributed IT infrastructures. However, third-party access does not come without accompanying risk. Whilst organisations may have extensive security measures in place to guard from attacks targeting internal accounts, the security of third-party vendors with access to internal systems is a well-overlooked issue.

About the author

David Higgins, EMEA Technical Director at CyberArk.

Third-party access use is worrying because recent data breaches have shown that it is a common factor in successful cyber-attacks. In January, co-working provider Regus suffered a highly-sensitive breach in which employee performance details ended up being published online. The breach was a direct result of third-party access insecurities and occurred because Regus commissioned a third party to assess staff performance using secretive filming. The results were then accidentally leaked through a task management website. 


Leave a Reply