Requirements for Securing Third-Party Access

Robert Marti

This edition of Software Confidential is by Robert Marti, Product Marketing Manager at CA Technologies. Robert has been responsible for go-to-market strategy on a range of CA products, including Advanced Authentication, Privileged Access Manager and Single Sign-On.

Strengthen Authentication.

To succeed in the app economy, an enterprise must give various partners, vendors and contractors access to its systems. But these third parties are likely to have relatively immature procedures for managing login credentials. Therefore, authentication for third parties should go beyond the password to include multifactor authentication technologies like certificates and tokens.

Implement Fine-Grained Access Controls and Permissions.

Granular access controls should be deployed to ensure authentication only gives third parties access to systems that are relevant to their work. Also, because some third-party users will require access to sensitive systems, fine-grained permissions should be enforced with a privileged access management system.

Monitor and Investigate Suspicious Activity.

It will also be necessary to implement user behavior analytics—monitoring third-party users and correlating their behavior against historical usage data, to identify suspicious patterns. Doing this will empower you to spot threats early on and refine your security processes until you are able to proactively prevent breaches.

By Robert Marti | 24 Jan 2018

Make security a competitive advantage.

We’ll show you how to give users better, safer experiences.

See how >