Isolating privileged access is critical to security
A new study reveals that 87 percent of cybersecurity professionals believe separating privileged environments from corporate, internet-exposed environments is highly critical for protecting sensitive information.
But the Privileged Access Workstations (PAW) survey carried out by Cybersecurity Insiders for endpoint security company Hysolate also finds that time-consuming access processes and the inability to install apps, browse the web or plug in external devices, are key implementation roadblocks.
"Privileged users are targeted by cyberattackers because they have direct access to an enterprise's crown jewels. The good news, according to the PAW survey, is that the overwhelming majority of enterprises believe protecting these users and data resources is a priority," says Tal Zamir, CEO and co-founder of Hysolate. "The challenge is that organizations want to secure privileged access by using separate workstations or jump hosts, but these methods often have an adverse effect on user productivity. Enterprises clearly need a way to have trusted privileged access without compromising user performance."
The report shows 42 percent of organizations have completed or are actively implementing additional security measures for privileged users. In addition, 35 percent say doing so is a top three priority and are evaluating how to accomplish this.
Among other findings are that 92 percent of respondents say IT admins are at increased risk of compromise if they use the same device to connect to sensitive/privileged assets as well as a corporate, internet-exposed network. This may explain why, according to the survey, 35 percent have implemented PAW using separate physical devices, and 50 percent use jump hosts or jump servers to protect access to privileged network resources.
As always with security usability is an issue. Many privileged users are frustrated by the limitations imposed by existing security measures. 51 percent cite cumbersome, time-consuming processes for accessing privileged resources, while 40 percent complain that they can't install apps or browse the web freely. More than a third take issue with not being able to plug in external devices (39 percent) or get files from third parties (34 percent).
You can read more in the full report available from the Hysolate website.