Search
Homepage Rankings and Research Companies Channelcast Marketing Matters CRNtv Events Acronis #CyberFit Summit 2021 Avaya Newsroom Experiences That Matter Cisco Partner Summit Digital 2020 Intel Partner Connect 2021

‘SolarWinds Hackers’ Now Hitting Resellers: 5 Things To Know

From leveraging anonymous infrastructure and taking advantage of delegated administrative privileges to gaining access to virtual machines, here’s how the group behind the SolarWinds attack is going after resellers.

Back 1   2   3   ... 6 Next
photo

 

4. Customers Must Limit Reseller Access, Permissions

Microsoft recommends that customers prioritize a thorough review and audit of channel partner relationships to minimize any unnecessary permissions between their organization and upstream partners. Customers should immediately remove access for any partner relationships that look unfamiliar or haven’t yet been audited, according to Microsoft.

Organizations should thoroughly review all tenant admin users and verify the authenticity of the users and activity. Microsoft said it encourages strong authentication for all tenant administrators, reviewing devices registered for use with multi-factor authentication, and minimizing the use of standing high-privilege access.

Customers should check audit logs on a regular basis to ensure that high-privilege user access isn’t granted or delegated to admin users who do not require these to do their job, Microsoft said. Organizations should work with their logging provider to understand their logging strategy for all administrative actions and establish a process should logs need to be made available during an incident.

 
 
Back 1   2   3   ... 6 Next

sponsored resources