Increased use of software bots opens up security risks
Software bots are being used to automate repetitive processes in two thirds of businesses, but this can present risks depending on how properly their access to data is governed.
New research from SailPoint finds many organizations do not have the correct oversight into their day-to-day bot activities. Only five percent of respondents say they have 100 percent of bots, and their access, accounted for in their identity process.
Writing on the SailPoint blog, the company's CMO Juliette Rizkallah says, "This lack of bot accountability is leaving huge identity shaped holes in organizations -- one that can be costly if a bot's user credentials got into the wrong hands. Having unknown bots, or treating a bot's identity different from human users, can have a devastating impact on the overall cyber hygiene of an organization."
More worrying is the use of shadow bots, with two out of three companies finding bots being used in the organization without the IT department's knowledge. This creates extra headaches when it comes to securing systems.
Rizkallah adds, "We found that bots are being used but are not always correctly managed or properly governed when it comes to their identity. Without supervision, organizations run the risk of allowing these bots to run rampant across the network. If any of these bots were to be spotted by a looming hacker and turned into a 'bad bot,' a whole slew of new security incidents can occur."
You can read more on the SailPoint blog.