
Let's stop willy-nilly handing the keys over to remote suppliers and software in the first place just for the ease of switching on our lightbulbs through our mobile phones!
Microsoft has advised its reseller community it needs to pay attention to the debut of improved security tooling aimed at making it harder for attackers to worm their way into your systems through partners. That service providers can be used to attack their customers is not in dispute: recent exploits targeting ConnectWise, …
You don't want that.
Think about it for a minute: why are you authorizing remote access to a 3rd party in the first place? Most likely, it is because they have the special proficiency you are lacking in your own workforce. That means they'll be coming in with near-admin level privilege. You want to be able to track that, and you don't want to give admin access to someone who clearly will never need it.
Create a specific user for that specific access, and log the interactions. That way, if something fishy happens, you either have proof of origin, or proof that you need to look somewhere else.
"Why are you authorizing remote access to a 3rd party in the first place? [The m]ost likely [reason is that he has] special proficiency [that] you are lacking in your own workforce."
You could have hired an FTE with such proficiency, but you're an a$$h0le.
That's why your pennywise-but-pound-foolish company deserves what it gets, when, later, it gets hacked.
Partnerships are a reality. Collaborations are a reality. Two companies may need to work together on projects, account payments, approvals, etc. Many times a company will create separate groups: employees who deal with IBM and, separately, employees who deal with MSFT. It is normal for these employees to collaborate with their customers and vendors on a very close basis.
The best examples are employees of audit companies, who, by the very nature of their tasks, can't be the audited company's employees.