It’s fairly simple, really. If you don’t have access to sensitive systems and data that you don’t really need, then attackers who steal or compromise your login credentials won’t have access to them either. One of the keys to effective security and data protection is restricting access to privileged accounts to minimize exposure to risk. However, Privilege Gone Wild 2, a recent study from BeyondTrust, found that many organizations still struggle with this concept.
The principle of least privileged access is as old as computer security itself. Actually, it predates computer security and even computers. The military classification and security clearance system is based on the same basic principles. In a nutshell, it means restricting or minimizing the access any system, application, or individual has to sensitive or privileged information to a need-to-know (or need-to-access, as the case may be) basis.
BeyondTrust conducted the survey of more than 700 IT professionals to examine how organizations view risk from privileged account misuse and what tools or processes are being used to mitigate the risk. Survey participants span the globe and represent organizations in retail, government, manufacturing, education and technology.
Some of the key findings from the Privilege Gone Wild 2 report include:
· 84% of respondents believe the risk to their organizations from privileged users will increase over the next few years – especially in the area of access to business-critical information.
· Nearly half of the survey respondents admitted they have employees with access rights not necessary for their current role, but shockingly, more than one out of four companies indicated they have no controls in place to manage privileged access.
· Privileged account management is viewed as a cross-functional need, with security teams primarily driving purchases – unified reporting is considered critical to meeting needs.
· Two of the most significant areas of weakness are shared passwords, where over half of respondents indicated that shared passwords are managed individually, and privileged access to tier 1 systems, where 57% of respondents have few or no tools or processes in place to protect against privilege misuse.
· Cost is a concern for organizations wanting to address these challenges, with respondents indicating that the most expensive privileged account management solutions available in the market are those from CA, Dell/Quest, and CyberArk.
BeyondTrust provides guidance to help organizations get control of privileged account management. The white paper addresses five key areas that summarize best practices for privileged account management and enable organizations to minimize risk and protect data more effectively.