Updated: 08 Apr 2026
Start with the number. Not the breach. Not the regulation. The number.
In a typical Tier 1 automotive supplier or OEM India operation, Pune, Chennai, Gurugram, somewhere between 80 and 200 third-party vendors hold active remote access credentials to internal systems. Some access production planning platforms. Some access quality management systems. Some access the manufacturing execution system that runs the line.
When was the last time anyone looked at that list?
Not audited it. Just looked at it. Counted the names. Checked whether the companies still had active engagements. Verified that the individual named on the credential still worked there.
In Proactive's experience deploying Cisco Duo across automotive manufacturing environments, the answer is consistent: the vendor access register has not been formally reviewed since the last major platform onboarding. Sometimes longer.
This is not negligence. It is the accumulated result of a supply chain built for speed, onboard the vendor, create the access, ship the part, and close the project. The deactivation step happens when someone remembers, which is not often enough.
A credential belonging to a system integrator whose engagement ended 14 months ago is still active. It has not been used, which nobody knows because the logs have not been reviewed. Or it has been used, which nobody knows for the same reason.
Unaudited vendor remote access credentials are the most common authentication gap in Indian automotive manufacturing environments, and the most frequent entry point for lateral movement into production networks.
As OT and IT have converged, remote monitoring of production lines, predictive maintenance platforms, ERP integrations with shop floor systems, and networks that were previously air-gapped are now accessible through the same VPN used by 40 vendors. One compromised credential in that environment does not produce a data breach. It stops a line.
Cisco Duo closes authentication gaps across mixed automotive environments, legacy MES systems, SCADA platforms, on-premises ERP, and cloud applications, without requiring any of those systems to be replaced or modernised. It integrates via RADIUS with existing VPN concentrators and covers the full vendor access surface from a single admin console.
But Cisco Duo can only protect accounts that should exist. Deploying MFA on top of 200 vendor credentials, 40 of which belong to closed engagements, secures the wrong perimeter.
The credential audit comes first. Every account. Every vendor. Every access scope. Every last active session date. Stale accounts deactivated. Shared credentials split into named individuals. Vendors whose engagements ended removed from the register entirely.
In Proactive's automotive deployments, credential audits consistently surface between eight and twenty dormant vendor accounts per engagement - across OEM operations, Tier 1 suppliers, and connected factory environments in Pune and Chennai.
The number varies. The finding never does.
Proactive is a Cisco Preferred Security Partner with deployment experience across Indian automotive manufacturing, from OEM operations to Tier 2 supplier networks. Every Cisco Duo deployment begins with a credential audit. Not as a formality. As the foundation.
If you want to know what yours finds, that conversation starts here.
Talk to a Proactive Cisco Duo specialist. Write to [email protected] for a consultation.
We'll get back to you shortly.
