Third Parties Caused Data Breaches at 51% of Organizations

Third Parties Caused Data Breaches at 51% of Organizations

Remote access is becoming an organization’s weakest attack surface, according to new research published today by the Ponemon Institute and third-party remote access provider SecureLink.

360 Mobile Vision - 360mobilevision.com North & South Carolina Security products and Systems Installations for Commercial and Residential - $55 Hourly Rate. ACCESS CONTROL, INTRUSION ALARM, ACCESS CONTROLLED GATES, INTERCOMS AND CCTV INSTALL OR REPAIR 360 Mobile Vision - 360mobilevision.com is committed to excellence in every aspect of our business. We uphold a standard of integrity bound by fairness, honesty and personal responsibility. Our distinction is the quality of service we bring to our customers. Accurate knowledge of our trade combined with ability is what makes us true professionals. Above all, we are watchful of our customers interests, and make their concerns the basis of our business.

The new report, titled “A Crisis in Third-party Remote Access Security,” reveals a disparity between an organization’s perceived third-party access security threat and the protective measures it puts in place. 

Researchers found that organizations are exposing their networks to non-compliance and security risks by not taking action to reduce third-party access risk. 

Nearly half (44%) of organizations were found to have experienced a security breach within the last 12 months. Of those organization, three-quarters (74%) said that the breach had occurred because too much privileged access had been given to third parties.

Researchers found that organizations are not doing the necessary security checks before sharing data access with third parties. Just over half (51%) of organizations said they had not been assessing the security and privacy practices of all third parties before granting them access to sensitive and confidential information. 

“Providing remote access to third parties without implementing the appropriate security safeguards is almost guaranteeing a security incident and a data breach involving sensitive and confidential information,” said Dr. Larry Ponemon, chairman and founder of the Ponemon Institute. 

“It is important that organizations assess the security and privacy practices of the third parties that have access to their networks and ensure that they have just enough access to perform their designated responsibilities and nothing more.”

Other key findings were that 54% of organizations do not have a comprehensive inventory of all third parties with access to their network, and 65% of organizations have not identified the third parties with access to their organization’s most sensitive data.

“The findings in this report showcase the lack of security, management, and accountability that’s needed to adequately secure third-party remote access, which is very worrying,” commented Joe Devine, CEO of SecureLink. 

“While recent high-profile breaches have done a good job of highlighting the serious risks of unsecure vendor relationships, there is still a lot of work to be done to shift organizations’ mindset when it comes to protecting not only their data, but their customer and partner data too.”

By admin