Each year as a part of the Industrial Control Systems Cyber Emergency Response Team (ICS-CERT) risk management efforts, security assessments are conducted to produce an annual report that shares cybersecurity findings, identifies weaknesses, and outlines risk mitigation actions that ICS organizations should consider when addressing cybersecurity in their organizations.
The latest report was released this month and highlights the top six weaknesses discovered for ICS organizations in 2015. This list includes weakness in boundary protection, least functionality, authenticator management, identification and authentication, least privilege, and allocation of resources. Bomgar’s Secure Access solutions can help ICS organizations mitigate and reduce all of these top risks, giving organizations the ability to secure access to critical systems and accounts. We’ve outlined below how Bomgar combats these risks:
Risk 1: Boundary Protection
Without proper boundary protection, administrators cannot detect unauthorized activity in critical systems and there is an increased risk to critical assets. All Bomgar sessions use firewall friendly “outbound” connections that are brokered through the Bomgar appliance over a secure port. Bomgar controls access to specific systems, allowing admins to set up jump points when necessary, without requiring a direct network connection. Alerts can be established so that administrators know when a connection is being requested and by whom.
Risk 2: Least Functionality
Weak access controls allow for a risk of creating vectors for malicious party access to critical systems or rogue internal access to be established. Bomgar enables role-based access to specific systems. Admins can define session parameters, such as access timeframes, required approvals, and permitted features to maintain control of access. Vendors and privileged users can be granted the specific level of access they need for a task in order to mitigate attack vectors.
Risk 3: Authenticator Management
Unsecured password communications can be easily compromised, allowing unauthorized access to systems. Bomgar Vault and Bomgar Verify* provide seamless password injection and flexible two factor authentication, to protect privileged account credentials and eliminate the risk from exposing plain text passwords.
Risk 4: Identification and Authentication
Without identification and authentication controls, there is little accountability and traceability for user actions if an account is compromised, especially if they had administrator access. Bomgar Vault allows admins to automatically rotate credentials and enforce requirements for setting passwords, enabling admins to secure and manage shared credentials. It can also be integrated with Active Directory to complement your existing security posture.
Risk 5: Least Privilege
The more authorized users with elevated privileges, the larger the attack surface for an intruder to steal account credentials with elevated access rights to access and compromise critical systems. Bomgar Privileged Access enables security professionals to control, monitor, and manage privileged access to critical systems by authorized employees, contractors and third party vendors. Bomgar allows admins to grant temporary elevated access to privileged accounts as well as automatically record all activity within a session so admins know not only who is accessing a system, but also what they did in it.
Risk 6: Allocation of Resources
Understaffing impedes organizational cybersecurity monitoring and response capability to a critical system cyber incident increasing the potential impact to the company. Integrating a secure access solution like Bomgar increases your team’s efficiency by automating processes and enabling them to define permissions in advance. With features such as password injection, automatic rotation, and jump technology, processes come together allowing your admins to work more efficiently.