Lax Access Steps Jeopardize Government Network

The Network: A U.S. federal government agency that is a long-standing user of Netsurion SIEM from Netsurion.

The Expectation: It is common practice for government agencies to engage contractors to perform IT related tasks. These contractors must go through a well-established clearance procedure, including background checks before access is permitted to the network they will be use. System Admins in IT should monitor authentication and access promptly and remove logins immediately once a vendor or employee leaves.

The Catch: Accounts setup for IT contractors were not disabled after their task was completed, or their contract ended.

The Find: Lax account login processes allow an unguarded door into the federal government network. No activity should be seen on an account set up for a person who no longer needs access to the network.

The Lesson: Identity and Access Management (IAM) is crucial to maintain U.S. federal government cybersecurity. Compliance mandates such as NIST 800-171 outline access control procedures to help eliminate insider threats as well as external security gaps. Other cybersecurity recommendations include:

Admins immediately removing former contractors and employees from systems – especially individuals with elevated privileges to sensitive data
Reviewing logs and reports regularly for suspicious behavior
Implementing password best practices such as pass phrases, longer terms, and rotation
Adopting least privilege access based on a “need to know”
Being vigilant knowing the human element is a large threat vector

Learn more about how Netsurion’s SIEM supports government access and authentication controls.

24X7 SOC-AS-A-SERVICE

OPEN XDR PLATFORM

USE CASES

WHY NETSURION

PARTNERS

ALL CYBERSECURITY INSIGHTS

Level up your cybersecurity!

ABOUT NETSURION

XDR Hot Company

Next-Gen MDR Service

Best MDR Solution

Lax Access Steps Jeopardize Government Network