Report shows wide variation in privileged access management practices
As we reported yesterday, privileged users can represent a significant risk to enterprise security. A new report from cyber security company BeyondTrust underlines this with findings that show organizations adhering to best practices for privileged access management are much better at mitigating the risks of a data breach.
The survey of more than 500 IT, IS, legal and compliance experts split its overall scores into top- and bottom-tier groups and finds that top-tier companies were much more likely to have a centralized password management policy -- 92 percent in contrast with just 25 percent of bottom-tier organizations.
Regular password changes are also much more common among top-tier businesses. 76 percent of frequently have passwords changed, whereas only 14 percent of bottom-tier businesses do. Credential management formed another point of distinction, with nearly three-quarters (73 percent) of top companies identifying themselves as efficient in this area, compared to 36 percent of the bottom-tier companies.
There are differences when it comes to monitoring and restricting access too. Among top companies 71 percent can monitor privileged user sessions, and 88 percent can restrict access with a measure of granularity. This compares to the bottom tier where fewer than half (49 percent) can monitor sessions, and only 37 percent have granular capabilities to restrict access. More worrying is that only six percent of bottom tier businesses have tools to evaluate the risks posed by individual apps and systems.
"This study confirms one of the unfortunate truths about data breaches today -- namely, that many of them are preventable using relatively simple means," says Kevin Hickey, president and CEO at BeyondTrust. "Companies that employ best practices and use practical solutions to restrict access and monitor conditions are far better equipped to handle today’s threat landscape".
You can find out more in the full report which is available on the BeyondTrust site and there's a summary of the findings in infographic form below.
Photo credit: Pakhnyushcha / Shutterstock