A new study from identity management company One Identity reveals a worrying level of mismanagement of privileged accounts.
The survey of over 900 IT security professionals carried out by Dimensional Research finds 18 percent of respondents admit to using paper-based logs, and 36 percent are using equally inadequate spreadsheets for tracking privileged accounts.
The survey also finds that two-thirds (67 percent) of companies are relying on two or more tools to manage these accounts -- indicating widespread inconsistency in privileged access management (PAM).
A majority (57 percent) admit to only monitoring some privileged accounts, or not monitoring privileged access at all. Even worse, 21 percent of respondents confess that they are unable to monitor or record activity performed with admin credentials, while 32 percent say they can't consistently identify individuals who perform admin activities.
An overwhelming 86 percent of organizations are not consistently changing the password on their admin accounts after each use. In addition, 40 percent of IT security professionals don't follow the basic best practice of changing a default admin password. By not adhering to these best practices, privileged accounts are left vulnerable, opening the door to data theft or worse, if compromised.
"When an organization doesn't implement the very basic processes for security and management around privileged accounts, they are exposing themselves to significant risk. Over and over again, breaches from hacked privileged accounts have resulted in astronomical mitigation costs, as well as data theft and tarnished brands," says John Milburn, president and general manager of One Identity. "These survey results indicate that there are an alarmingly high percentage of companies that don't have proper procedures in place. It is crucial for organizations to implement best practices regarding privileged access management without creating new roadblocks for work to get done."
You can find out more in the full report which is available from the One Identity site.