©2022 SecureLink. All rights reserved.
It likely comes as no surprise that, year after year, the number of state and local government cyberattacks continues to rise. In 2019, nearly two-thirds of all publicly known ransomware attacks in the US were against government agencies, and the majority of those attacks targeted town, city, and county-level entities. Last year in 2020, at least 113 government agencies were impacted by ransomware attacks, at an estimated cost of $913 million dollars.
How are these costly cyberattacks happening? They’re caused primarily by bad actors targeting and compromising government vendors and third parties. And data shows that hackers are right on target: nearly two-thirds of data breaches originate through third parties. Although these third parties provide valuable services and support government IT departments, they also pose a risk with the access they’ve been granted. Often aware of the security risk this access can pose, yet faced with a limited budget for new government IT security purchases, legacy systems, and limited resources to manage access securely and efficiently, government cybersecurity and IT teams struggle to appropriately prepare for and defend themselves against this known risk.
Take the example of the all-too-efficient cyberattack on twenty-two municipalities in Texas in late 2019: Key city services were taken down and ransom payments totaling in the millions were demanded. How? Through one compromised vendor who provided services for all of those cities. This incident showcases why bad actors often focus on a government vendor: it’s a better bang for their buck – in this case, twenty-two end targets and twenty-two possible incoming payments.
As a result of the growing number of cyberattacks on local governments, regulations across the board are honing in on the third-party element. From the FBI’s CJIS Security Policy, to HIPAA and HITECH, to PCI, to NERC, as well as best practices from NIST and ISO-2700, there is an increasing regulatory burden on local governments with third-party access and ensuring they are meeting those requirements, with greater consequences for failing to do so.
In today’s environment of increasing government cyberattacks, it is only a matter of when, not if, an attacker sets its sight on your network. Today is the day to prepare and ensure you can continue to safely deliver services to your taxpayers. Secure your third party’s remote access to your network and ensure you meet your compliance requirements. And just as importantly, manage it more efficiently and free up valuable resources within your team.
checklist
Learn how you can eliminate the third-party vulnerabilities that can threaten CJIS compliance and the security of your network with SecureLink for Governments. Count on CJIS-compliant security with the granular controls and audit features you need to secure your third-party remote access.
| Detailed audit and reporting | Capture all third party session activity with HD video and keystroke logs, files transferred, commands entered, services accessed, and work completed |
| Multi-factor authentication tied to individual accounts | Ensure approved third-party access with individual accounts for each user, verifying identities with CJIS two-factor authentication and current employment status upon each login |
| Native credential vault or integration with your PAM | Store credentials securely and inject them directly into a session, ensuring third parties have zero visibility and access to network or application credentials |
| Access controls | Define allowed access down to the host and port level with access timeframes, and assign granular permissions to each user to ensure least privilege access |
| Built-in compliance and best practice checklist | Use the built-in checklist to verify that your SecureLink server is configured to satisfy your compliance requirements, including CJIS, PCI, HIPAA and more, as well as meet recommended government cybersecurity best practices |
| Compliance Reporting | Provide detailed reports from a single solution to internal and external auditors checking for CJIS, HIPAA, PCI compliance and others, as well as government cybersecurity best practices like those recommended by NIST |
| Access and approval workflows | Define required access approvals for each application, and delegate approvals to departmental business owners |
| Self-registration and automatic deprovisioning | Allow third-parties to register for their own user account, and send the approval request directly to the business owner, without needing IT involvement for account creation
Define timelines or rules for when accounts should automatically be deprovisioned to remove access |
| Universal access methods | Support connectivity and audit for all TCP and UDP protocols, including, but not limited to, RDP, SSH, Telnet, HTTP(S), FTP and custom protocols
Allow vendors to use their own native tools in providing support |
| Access Review | Receive notifications upon vendor’s connection and disconnection from your network, with links to quickly and easily review completed work |
© 2022 SecureLink. All Rights Reserved | Privacy Policy | License Agreement | Security Disclosure
