In 2018, over eleven significant breaches were caused by exploitation of third-party vendors. And, third-party breaches (Target, Saks 5th Avenue, Universal Music Group, Applebee’s, etc.) rank amongst the costliest and most damaging of all security incidents. While IT administrators, insiders, and third-party vendors need privileged access to do their jobs effectively, this shouldn’t mean relinquishing control of your IT environment to them. Organizations allow third parties access to their networks for them to change or otherwise impact the operational service of these organizations. This privileged access needs to be protected to the same (or higher) extent as your organization’s internal privileged users. Failing to do so leaves your organization with a very weak link in its security, which can easily be exploited by cyberattackers. To address third-party vendor cyber risk, you need to have a good understanding of remote access so you can implement the proper controls to help secure their access to your privileged accounts.