While the term
“corporate infrastructure insider” is frequently used to refer to in-house
employees, there’s one more category of users with access to corporate
infrastructure — those who work for third-party organizations providing
professional outsourcing services.
These organizations can be:
Managed service providers (MSPs), in particular, managed security service providers (MSSPs)
IT outsourcing service providers, frequently referred to as IT providers
Remote third-party vendors
auditors and experts
These people can
administer your databases, configure and maintain your servers and critical
applications, monitor security perimeters, test system vulnerability, and
perform other important tasks to ensure business continuity.
Due to their roles
and tasks, they have privileged access to critical endpoints and are in touch
with sensitive information.
IT provider monitoring and remote third-party vendor management and auditing are essential parts of overall risk management and regulatory compliance.
Outsourced administrative service providers can change the configuration of critical systems, and thus their actions need to be monitored closely.
Outsourcing service providers have access to the enterprise protected perimeter and, naturally, third-party monitoring tools should be part of a company’s security strategy.
Outsourcing staff can access, modify, or even delete sensitive data. Third-party security monitoring is crucial to ensure data security.
Kriptone meets all of a company’s needs by setting up third-party vendor
security monitoring processes.
The solution can be easily deployed on critical endpoints, providing visibility with the help of detailed video logs of any SSH and RDP sessions by third-party service providers.
You can configure Kriptone to record sessions by all users or only sessions by selected usernames or IP addresses, allowing you to focus on 3rd party monitoring.
Due to the typically escalated privileges of such third-party providers, MSP monitoring software and third-party security monitoring services must provide a comprehensive set of privileged user activity control features. Kriptone does just that:
Records user sessions with privileged user monitoring
Advanced client protection mode prevents unauthorized administrative attempts to block monitoring
As subcontractor sessions are typically remote, thorough identity verification for each connection is crucial. Ekran System equips your team with:
Multi-factor authentication (MFA) based on credentials and mobile devices.
authentication for shared logins to deal with default logins like admin and
root, which are frequently used by remote administrators. Secondary
authentication allows activity to be clearly assigned to an individual user.
Kriptone third-party access security solutions provide granular access control:
Terminal Server clients deliver a complete privileged account and session management (PASM) tool set for granting and managing temporary access.
One-time passwords can be used for the most critical endpoints or emergency access.
For the most high-risk scenarios, you can set up access request and approval workflow.
Ticketing system integration allows you to implement purpose-based access.
Access request and approval workflow
When an IT provider or third-party vendor performs an abnormal or security-critical action, your team will be notified and provided with context of the incident so they can respond immediately.
Besides real-time alerting on potentially dangerous actions within sessions, the system can also notify your security team when a session is being established by specific users or from specific IPs. Critical alerts can trigger automated incident response actions, such as terminating a session or blocking a user.
Various general user activity reports make it even simpler and more efficient to monitor IT providers and third parties.