Requirements for Securing Third-Party Access

Robert Marti

This edition of Software Confidential is by Robert Marti, Product Marketing Manager at CA Technologies. Robert has been responsible for go-to-market strategy on a range of CA products, including Advanced Authentication, Privileged Access Manager and Single Sign-On.

Strengthen Authentication.

To succeed in the app economy, an enterprise must give various partners, vendors and contractors access to its systems. But these third parties are likely to have relatively immature procedures for managing login credentials. Therefore, authentication for third parties should go beyond the password to include multifactor authentication technologies like certificates and tokens.

Implement Fine-Grained Access Controls and Permissions.

Granular access controls should be deployed to ensure authentication only gives third parties access to systems that are relevant to their work. Also, because some third-party users will require access to sensitive systems, fine-grained permissions should be enforced with a privileged access management system.

Monitor and Investigate Suspicious Activity.

It will also be necessary to implement user behavior analytics—monitoring third-party users and correlating their behavior against historical usage data, to identify suspicious patterns. Doing this will empower you to spot threats early on and refine your security processes until you are able to proactively prevent breaches.

By Robert Marti | 24 Jan 2018

Subscribe to The Blueprint

At CA, your time and privacy are just as important to us as they are to you. We use the information you provide to us under our legitimate interests to make sure you hear about topics of interest to you. If we got it wrong you can update your preferences by clicking here. If you'd like to know more about how we use your personal information, you can read our privacy statement here.

Please fill out all required fields

You are now subscribed to The Blueprint.