The security situation of the IT infrastructure in Germany has become even more acute. Remote maintenance and external access by third parties to critical infrastructure in particular pose a high risk.
According to a note on Deutschlandfunk radio, the current situation report from the Federal Office for Information Security indicates that the threat in cyber space is higher than ever.
"The reason cited for the difficult situation, in addition to cyber attacks in the context of the Russian attack on Ukraine, is the ongoing cyber crime. In addition, the quality of IT and software products is inadequate in many cases."
In connection with the Ukraine war, he said, there had been a collection of smaller incidents and hacking campaigns so far.
Federal Minister of the Interior Faeser explained that the increased cyber threat situation requires a strategic repositioning and significant investments in cyber security. Every vulnerability in software or hardware products is a potential gateway for attackers, she said. (Source: Deutschlandfunk)
Secure remote maintenance of critical infrastructure takes center stage
Remote maintenance is a critical aspect of IT security, as the German Federal Office for Information Security (BSI) states in the "Securing Remote Maintenance" chapter of the IT-Grundschutz catalog. The Act on Increasing the Security of Information Technology Systems (IT Security Act), which came into force in 2015, requires companies classified as critical infrastructures (CRITIS) to adapt their IT security to the "state of the art". The BSI provides basic rules for this and describes the necessary security functions that should be fulfilled.
But where do companies in the various sectors stand that have had to implement measures such as these for just over five years in some cases? We still hear about trivial cyber incidents that can be traced back to fundamentally non-existent security measures around securing remote maintenance access and the negligent granting of administrative rights.
Secure remote maintenance with VISULOX - the German PAM solution with Remote Support Function
VISULOX from amitego can be migrated seamlessly and without interruption, providing a single point of access for all external third parties requiring access to critical infrastructure components.
VISULOX meets all BSI requirements for secure remote maintenance of critical infrastructures and provides BSI-G audit-compliant evidence of all activities within critical infrastructures.
VISULOX is a leading privileged access management solution with integrated remoteSupport platform for secure external access. We help answer the question of who did what, where and when in IT infrastructures.
VISULOX is used globally and, on the one hand, fulfils the tasks required by the actual operation. On the other hand, it provides the evidence required by laws or regulations. Especially the transparency of activities by third parties is mandatory to ensure control over the actual user activities when accessing the IT infrastructure.
Today, the solution is used by a large number of companies from a wide range of industries in many countries. From installations with 5 users to enterprise installations with over 7,500 concurrent users, at SMEs and Dax30 companies. All to be implemented without any changes to clients or servers.