Third-party risk considerations associated with the Executive Order

June 14, 2021 // Cory Shirk

Last Updated: June 17, 2021

For providers of technology and business services, like value added resellers (VARs) and managed service providers (MSPs), it’s important to acknowledge a customer’s risk of third-party cyberattacks – especially because VARs and MSPs are likely one of those third-party connections. Many organizations rely on remote tools like virtual private networks (VPN) and remote desktop protocol (RDP) to connect to their customers; these tools are widely used and help many organizations connect to their users. However, there’s a subset of organizations, including some of those in the SecureLink Partner base, that are required to use stronger security controls to meet service level agreements (SLAs) or contractual obligations. The functionality of a cybersecurity tool like SecureLink meets those obligations and offers increased security, least privilege access, and detailed audit capabilities – all features that are even more prized considering the slew of recent cybercrimes.

After recent events, enhanced cybersecurity features are going to be the highest selling point for any technological product or service. The results of a cyberattack can be disastrous for a company, its customers, or the general public – whether or not a third party caused it. A recent example that impacted the eastern part of the United States was the Colonial Pipeline hack. Although it was the result of several factors, the biggest contributing factor was a compromised VPN account without multi-factor authentication enabled.

The White House released an Executive Order following the attack providing guidance to strengthen the digital networks that support our nation’s critical infrastructure. Although its requirements are mandated only for federal institutions, the guidance can help inform the advice that you provide to your customers as their trusted technology advisor.

The Executive Order highlights many cybersecurity best practices. While our team has been implementing many of these practices in our solutions since 2003, here are a few sections that align with our product features:

  • Modernizing federal government cybersecurity
    • The order mandates that the federal government “must adopt security best practices” and “advance toward Zero Trust Architecture”
  • Enhancing software supply chain security
    • The order calls for improving the “security and integrity of ‘critical software’”, meaning software that has “privileges or direct access to networking and computing resources”
  • Securing software development environments, including such actions as:
    • Auditing trust relationships
    • Establishing multi-factor, risk-based authentication and conditional access across the enterprise
    • Monitoring operations and alerts and responding to attempted and actual cyber incidents
  • Implementing detection capabilities “centrally located to support host-level visibility, attribution, and response”

These best practices are put in the mandate because the White House knows they are the best lines of defense against cyberattacks from external parties. Having a product that implements these features will help your customers feel more confident that they’re using a tool with security approaches approved by federal cybersecurity experts.

By utilizing SecureLink, you can adhere to the Executive Order security practices, and your customers will dramatically lower their risk associated with third parties. Here is how we do it:

  • The third party (non-employee) self-registers for remote access. If their email domain is not authorized, no access is granted. This aligns with the call for restrictions on privileged access in the Order.
  • Once registered, an employment verification is sent to the work email of the third-party rep. If they are no longer an employee, they don’t get access. This aligns with risk-based authentication.
  • When a rep tries to log in, multi-factor authentication (MFA) is enforced to verify the identity and permissions of the rep. If the login attempt is not verified through MFA, the rep cannot access the network. This aligns with the Order’s multi-factor authentication requirement.
  • Once approved for remote access, the individual can only reach the specific IP addresses associated with that third party and can only access the permitted application(s) assigned to the individual. This meets the Zero Trust Architecture and host-level visibility requirements of the Executive Order.
  • During an active remote access session, all screen activity and audio are recorded in HD video, and every keystroke of the individual rep is logged. This auditing practice aligns with the monitoring operations practices outlined in the Order.
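The five gates above can be read as one deny-by-default access decision. The following is an added illustration of that layered check, not SecureLink’s own code: the domain allowlist, vendor networks, rep-to-application assignments and the `Request` fields are all constructed sample values, and every outcome is appended to an audit trail so denials are as visible as grants.

```python
"""Hypothetical layered access gate for third-party reps (illustration only)."""
from dataclasses import dataclass
from ipaddress import ip_address, ip_network

# Constructed sample policy: authorized vendor domains, the networks each
# vendor may reach, and the applications assigned to each individual rep.
AUTHORIZED_DOMAINS = {"vendor.example"}
VENDOR_NETWORKS = {"vendor.example": [ip_network("10.20.0.0/24")]}
REP_APPLICATIONS = {"alice@vendor.example": {"erp-console"}}

AUDIT_LOG = []  # one record per decision, allowed or denied


@dataclass
class Request:
    email: str
    employment_verified: bool  # rep answered the mail sent to the work address
    mfa_passed: bool           # second factor completed at login
    target_ip: str             # host the rep wants to reach
    application: str           # application the rep wants to use


@dataclass
class Decision:
    allowed: bool
    reason: str


def decide(req: Request) -> Decision:
    """Walk the gates in order; the first failure denies and nothing else is evaluated."""
    email = req.email.lower()
    domain = email.rsplit("@", 1)[-1]  # an address with no '@' yields no valid domain
    if domain not in AUTHORIZED_DOMAINS:
        d = Decision(False, "domain not authorized")
    elif not req.employment_verified:
        d = Decision(False, "employment not verified")
    elif not req.mfa_passed:
        d = Decision(False, "mfa failed")
    else:
        try:
            in_scope = any(ip_address(req.target_ip) in n for n in VENDOR_NETWORKS[domain])
        except ValueError:  # malformed address is treated as out of scope
            in_scope = False
        if not in_scope:
            d = Decision(False, "target outside vendor networks")
        elif req.application not in REP_APPLICATIONS.get(email, set()):
            d = Decision(False, "application not assigned to rep")
        else:
            d = Decision(True, "allowed")
    AUDIT_LOG.append((email, req.target_ip, req.application, d.reason))
    return d
```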

We can also provide your team with security consultations to ensure that your customers are aligning and complying with industry regulations and frameworks like HIPAA, NIST, CJIS, and PCI, as well as help prepare your customers to be ahead of the curve as it relates to the Executive Order.

The Executive Order serves as a guide to cybersecurity best practices for any kind of organization, and it’s especially beneficial for your customers. When providing your customers with a tool like SecureLink, you can be confident that they’re protected from external threats and that you’re selling a product that already meets federal government cybersecurity standards. You’ll want SecureLink in your corner, and we’re happy to partner with you to bring these security solutions to more people and further prevent damaging cyberattacks.

If you’re interested in becoming a partner, reseller, or referral for SecureLink, please visit the SecureLink Partner page or contact partners@securelink.com to find out more information about our Partner program.
