Microsoft warns partners to revoke unused authorizations that drive your software

Microsoft has advised its reseller community it needs to pay attention to the debut of improved security tooling aimed at making it harder for attackers to worm their way into your systems through partners. That service providers can be used to attack their customers is not in dispute: recent exploits targeting ConnectWise, …

  1. Plest

    Let's stop willy-nilly handing the keys over to remote suppliers and software in the first place just for the ease of switching on our lightbulbs through our mobile phones!

  2. Tom Chiverton 1

    Why is this even a thing?

    Just create a "support user" in AD and enable it when needed?

    1. Anonymous Coward

      Let's party like it's 1989?

      Sorry, but shared accounts are not a great idea, if only from the compliance and auditing perspective.

    2. Pascal Monett

      You don't want that.

      Think about it for a minute: why are you authorizing remote access to a third party in the first place? Most likely, it is because they have the special proficiency you are lacking in your own workforce. That means they'll be coming in with near-admin level privilege. You want to be able to track that, and you don't want to give admin access to someone who clearly will never need it.

      Create a specific user for that specific access, and log the interactions. That way, if something fishy happens, you either have proof of origin, or proof that you need to look somewhere else.
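As an added illustration of the "one dedicated account per third party, enabled only when needed, with its activity logged" approach described in the comment above (this is editor-supplied example code, not something from the article or any commenter), the PowerShell below creates a per-vendor support account in on-premises Active Directory that is disabled by default, enables it for a time-boxed window with an account-expiry safety net, and pulls the successful-logon events for that account. The vendor tag, OU, the group `Vendor-ServerOps` and the function names are placeholders I made up; the group is assumed to already exist and to carry only the delegated rights the vendor actually needs (not Domain Admins). It requires the RSAT ActiveDirectory module and an enabled "Audit Logon" policy.

```powershell
# Added example: dedicated, time-boxed, audited vendor support account in AD.
# Placeholders (assumptions, not from the page): $Vendor, $OU, $RoleGroup.
Import-Module ActiveDirectory

$Vendor    = 'examplemsp'                          # placeholder vendor tag
$Sam       = "svc-$Vendor-support"                 # one named account per vendor, never shared
$OU        = 'OU=VendorAccess,DC=corp,DC=example'  # placeholder OU for third-party accounts
$RoleGroup = 'Vendor-ServerOps'                    # hypothetical least-privilege group, pre-created

function New-RandomPassword {
    param([int]$Length = 24)
    # CSPRNG-backed throwaway password; the vendor is forced to change it at first logon.
    $chars = [char[]]([char]'!'..[char]'~')
    $bytes = New-Object byte[] $Length
    $rng   = [System.Security.Cryptography.RandomNumberGenerator]::Create()
    $rng.GetBytes($bytes)
    -join ($bytes | ForEach-Object { $chars[$_ % $chars.Length] })
}

function New-VendorSupportAccount {
    # Create the account disabled, in its own OU, with only the scoped group membership.
    $secure = ConvertTo-SecureString (New-RandomPassword) -AsPlainText -Force
    New-ADUser -Name $Sam -SamAccountName $Sam -Path $OU -Enabled $false `
        -AccountPassword $secure -ChangePasswordAtLogon $true -PasswordNeverExpires $false `
        -Description "Dedicated support account for $Vendor; enable only via Grant-VendorAccess"
    Add-ADGroupMember -Identity $RoleGroup -Members $Sam
}

function Grant-VendorAccess {
    param([string]$Identity = $Sam, [int]$Hours = 4, [string]$Ticket = 'CHG-0000')
    # Enable for a bounded window. The AD account-expiry date is the safety net in case
    # nobody runs Revoke-VendorAccess; the 'info' (Notes) attribute records who/why.
    $until = (Get-Date).AddHours($Hours)
    Set-ADUser -Identity $Identity -Replace @{ info = "Enabled until $until for $Ticket by $env:USERNAME" }
    Set-ADAccountExpiration -Identity $Identity -DateTime $until
    Enable-ADAccount -Identity $Identity
}

function Revoke-VendorAccess {
    param([string]$Identity = $Sam)
    Disable-ADAccount -Identity $Identity
    Clear-ADAccountExpiration -Identity $Identity
}

function Get-VendorLogons {
    param([string]$Identity = $Sam, [int]$Days = 7)
    # Event 4624 (successful logon) is written on the host being logged on to, so run this
    # on the target server or against forwarded/collected Security logs, not only on a DC.
    # Property indexes for 4624: 5 = TargetUserName, 8 = LogonType, 18 = IpAddress.
    Get-WinEvent -FilterHashtable @{ LogName = 'Security'; Id = 4624; StartTime = (Get-Date).AddDays(-$Days) } |
        Where-Object { $_.Properties[5].Value -eq $Identity } |
        Select-Object TimeCreated,
            @{ n = 'LogonType'; e = { $_.Properties[8].Value } },
            @{ n = 'SourceIP';  e = { $_.Properties[18].Value } }
}

# Typical use (hypothetical ticket number):
#   New-VendorSupportAccount
#   Grant-VendorAccess -Hours 2 -Ticket 'CHG-1234'
#   ... vendor does the work ...
#   Revoke-VendorAccess
#   Get-VendorLogons -Days 1
```

Because the account name is unique to the vendor, every 4624 (and the matching Kerberos 4768/4769 events on the domain controllers) can be tied to that supplier rather than to a shared "support" login, which is the auditing point raised above; the expiry date limits the blast radius if the enable step is forgotten.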

        1. Auntie Dix

        Those Shortsighted Savings Will Cost You Dearly

        "Why are you authorizing remote access to a 3rd party in the first place? [The m]ost likely [reason is that he has] special proficiency [that] you are lacking in your own workforce."

        You could have hired an FTE with such proficiency, but you're an a$$h0le.

        That's why your pennywise-but-pound-foolish company deserves what it gets, when, later, it gets hacked.

        1. A random security guy

          Re: Those Shortsighted Savings Will Cost You Dearly

          Partnerships are a reality. Collaborations are a reality. Two companies may need to work together on projects, account payments, approvals, etc. Many times a company will create separate groups: employees who deal with IBM and, separately, employees who deal with MSFT. It is normal for these employees to collaborate with their customers and vendors on a very close basis.

          The best examples are employees of audit companies, which by the very nature of their tasks, can't be the audited company's employees.

  3. Mobster

    GDAP

    Resellers should giddyup on to the GDAP.
