TMCnet News
BeyondTrust Survey Uncovers Growing Disparity Managing Privileged AccessBeyondTrust, the leading cyber security company dedicated to preventing privilege misuse and stopping unauthorized access, today unveiled the results of its definitive Privilege Benchmarking Study based on a worldwide survey of IT professionals. The study demonstrates a widening gulf between organizations that adhere to best practices for privileged access management. Over 500 senior IT, IS, legal and compliance experts were asked about their privileged access management practices. Their responses were divided into two tiers based on industry best practices, with top-tier companies distinguishing themselves as far better prepared to mitigate the impact from data breaches. A summary of the findings is included below. Password and Credential Management: Only 14 percent regularly cycle their passwords, leaving systems exposed to breaches With 63 percent (2016 Verizon (News - Alert) DBIR) of confirmed data breaches involving weak, default or stolen passwords, it's never been more important to apply discipline and accountability over enterprise credentials.
Session Monitoring: Just 3 percent watch/terminate sessions in real time - how do you stop a possible breach in time? When it comes to real-time monitoring and restriction of access, the top-tier companies are far ahead.
Evaluation of Risk: Amazingly, 52 percent "just know" what the risks are, but aren't doing enough about it Perhaps the starkest contrast between top-tier and bottom-tier organizations can be illustrated in how - or whether - risk is scored in determining application privileges.
Despite the risks of leaving users and systems with unmanaged access to network resources, only 9 percent of bottom-tier companies have an enterprie solution in place for managing privileged access, and more than one-third do nothing at all. Among the top-tier companies, however, 78 percent have an enterprise solution in place. Federal Government Vulnerable to Breaches The survey also found that despite a high level of awareness of the threat, federal government agencies leave themselves open to attack. Seventy-two percent of government responders believe that there would be a high risk to general business and mission information if organizations lacked proper access control for privileged users. The federal government has implemented mandates such as FISMA and CSIP to address various attack vectors within agency networks. Yet, respondents also report that 20 percent of users have more privileges than they need. These results highlight an opportunity for improvement in adopting processes and technologies to further secure privilege access in Federal agencies. What Organizations Can Do to Close the Gap Between Their Practices and Best Practices For organizations looking to reduce the risk of a damaging data breach as a result of privilege abuse or misuse, BeyondTrust has developed five recommendations based on the Privilege Benchmarking Study:
"This study confirms one of the unfortunate truths about data breaches today - namely, that many of them are preventable using relatively simple means," said Kevin Hickey, President and CEO at BeyondTrust. "Companies that employ best practices and use practical solutions to restrict access and monitor conditions are far better equipped to handle today's threat landscape." Privilege Benchmarking Study For more information on the Privilege Benchmarking Study, including a summary infographic and results paper, please visit: https://www.beyondtrust.com/resources/white-paper/privilege-benchmarking-study-2016/. About BeyondTrust BeyondTrust is a global information security software company that helps organizations prevent cyber attacks and unauthorized data access due to privilege abuse. Our solutions give you the visibility to confidently reduce risks and the control to take proactive, informed action against data breach threats. And because threats can come from anywhere, we built a platform that unifies the most effective technologies for addressing both internal and external risk: Privileged Access Management and Vulnerability Management. Our solutions grow with your needs, making sure you maintain control no matter where your company goes. BeyondTrust's security solutions are trusted by over 4,000 customers worldwide, including half of the Fortune 100. To learn more about BeyondTrust, please visit www.beyondtrust.com. Follow BeyondTrust
Twitter (News - Alert): http://twitter.com/beyondtrust
View source version on businesswire.com: http://www.businesswire.com/news/home/20160824005325/en/ |