What’s Really Going On?
One of the newest problems rising to the surface today is this novel concept of owning a business that doesn’t function as anything more than its own corporate headquarters. These businesses don’t run their own stores or employ their own workhorses because it’s cheaper, faster and more effective to simply hire a third-party company with their own pre-trained representatives to run out into the field and secure the front-end work to meet quality assurance metrics on legal and financial levels. The world is just too complex now for a single company to handle it alone. But are they secure enough from a digital security standpoint?
This isn’t so much an issue for the smaller businesses that are able to support their own weight. Once a manufacturing company grows past a certain point, it becomes essential to entrust certain work orders with a host of vendor-staffed companies that hire up contractors and send them out on one-off or repeat tasks to ensure that their obligations to the client company are met. Of course, these vendors report their work with any combination of hardware and software that connects to the Internet to exchange information with a server.
The problem with this is that, depending on the operating system, hardware configuration, installed apps, and connection used, each vendor could become a vector for malicious code manipulators to work their way into the manufacturer’s database and claim personal information. It’s not that the contractors themselves would intentionally do this; if they could, they’d probably be getting paid more to work in IT somewhere to bolster single sign-on (SSO) and multifactor authentication (MFA) protocols in the security industry. The reality is, most vendors are oblivious to the ways in which their devices and data are exploited by threat actors to gain traction on credit card information and identity theft.
The Impact Is Real
There are numbers to show for the damage that this situation creates, and they’re sobering, to say the least. Consider the following:
- Roughly 10 percent of businesses confer with over 200 vendor service companies to execute their fieldwork.
Another 33 percent of businesses use between 25 and 200 such vendor companies for the same reason.
Ninety percent of all businesses that end up penetrated by malicious connections will see a minimum of $190,000 in damages.
The remaining 10 percent wind up with damages that exceed three-quarters of a million dollars, and often much higher than that.
When you get down to the bottom of it, no entrepreneur wants to feel responsible for others’ lives being hijacked, bank accounts being drained and other catastrophes that can put clients out of their jobs and homes. It’s a serious problem that’s made much more possible by businesses that employ a larger number of third-party vendors, and it’s why a solution needs to be implemented soon. The truth is, firewalls and overtightened bolts on the security framework aren’t working; what’s really needed is a new form of balance.
Who to Trust
The new balance can be found in a company called OneLogin, an all-in-one MFA barrier that stands between field representatives and internal operations. OneLogin doesn’t make the process complicated or create long wait times; in fact, they make it simpler than ever for contractors to gain entry to the system by using an SSO interface that draws all the scattered entryways into a single super-secure doorway. In this way, OneLogin functions as a complete mediation solution that forces every single incoming connection from vendors of every software and hardware configuration to pass through the multifactor authentication gates before making it in.
Because the increasing range of required skill sets is complicating the matter of large businesses operating directly with the outside world, contractor companies are becoming more prolific by the hour. For this reason, every manufacturer — especially large ones — should consider employing an SSO solution like OneLogin to secure their connections with their field representatives.