Menu
​Exposed and under threat - Why haphazard processes are harming local businesses

​Exposed and under threat - Why haphazard processes are harming local businesses

“Privileged accounts really are the ‘keys to the kingdom,’ but…”

Organisations in Australia and New Zealand - similar to the global market - have haphazard processes for managing administrative or other privileged accounts, making businesses vulnerable to security breaches.

Responses from a Dell-commissioned survey - including IT professionals from the US, UK, Germany, Australia and New Zealand - claims that nearly 80 percent of respondents have a defined process for managing privileged accounts, but are not diligent about following it.

In fact, almost 30 percent still use manual processes such as Excel or other spreadsheets to manage privileged accounts.

Not only are these manual processes prone to error and easily compromised, warns the tech giant, they impede quick resolution in time-critical situations.

“Privileged accounts really are the ‘keys to the kingdom,’ which is why hackers seek them out and why we’ve seen so many high-profile breaches over the past few years use these critical credentials,” says John Milburn, Executive director and general manager, Identity and Access Management, Dell Security.

“To alleviate this risk and ensure these accounts are controlled and secured, it’s absolutely crucial for organisations to have a secure, auditable process to protect them.

“A good privileged account management strategy includes a password safe, as well as least-privileged control to protect organisational assets from breaches.”

According to Milburn, 83 percent of survey respondents face many challenges with managing privileged accounts and administrative passwords, ranking the following as the top three most critical privileged account management (PAM) challenges facing their organisations:

  • Default admin passwords on hardware and software are not consistently changed (37 percent)
  • Multiple admins share a common set of credentials (37 percent)
  • Inability to consistently identify individuals responsible for administrator activities (31 percent)

Although more than 75 percent have a defined process for changing the default admin password on hardware and software as new resources are brought into the organisation, Milburn claims that only 26 percent change admin passwords monthly on mission critical systems and devices.

For Milburn, such a ack of well-defined password and reporting practices present challenges.

“Survey respondents identified delegation (the ability to implement a least-privileged model of admin activity, in which admins are given only sufficient rights to do their job) and password vaulting (the ability to automate storage, issuance and changing of administrative credentials) as the administrative or privileged account management practices most critical to their organisations,” he adds.

“However, less than half say they have a regular cadence of recording, logging or monitoring administrative or other privileged access.

“The lack of a standard, enforced approach, coupled with a multitude of software tools and manual processes for managing privileged accounts, makes the business susceptible to hackers, and exposes corporate data to possible breach.”

Prevention of both breaches and insider attacks has become a major driver for the adoption of PAM solutions, Milburn claims.

According to a recent Gartner "Market Guide for Privileged Access Management" report, "adoption of PAM products by organisations is often partial, leaving gaps that translate to risk."

It notes that "prevention of both breaches and insider attacks has become a major driver for the adoption of privileged access management (PAM) solutions, in addition to compliance and operational efficiency.

"And by 2017, more stringent regulations around control of privileged access will lead to a rise of 40 percent in fines and penalties imposed by regulatory bodies on organisations with deficient PAM controls that have been breached."

Follow Us

Join the New Zealand Reseller News newsletter!

Error: Please check your email address.

Tags DellCloudsecuritybig dataData Centre

Slideshows

Top 50 defining moments of the New Zealand channel in 2016

Top 50 defining moments of the New Zealand channel in 2016

Reseller News looks back on a tumultuous 12 months for the New Zealand channel, assessing the fallout from a year of sizeable industry change. Whether it be local or global mergers and acquisitions, distribution deals or job changes, the channel that started the year differs somewhat to the one set to finish it - Reseller News assesses the key moments that made 2016.​

Top 50 defining moments of the New Zealand channel in 2016
​Hewlett Packard Enterprise honours high achieving NZ channel

​Hewlett Packard Enterprise honours high achieving NZ channel

Hewlett Packard Enterprise honoured its top performing Kiwi partners at the second running of its HPE Partner Awards in New Zealand, held at a glitzy ceremony in Auckland. Recognising excellence across eight categories - from distributors to resellers - the tech giant celebrated its first year as a standalone company, following its official split from HP in 2015.

​Hewlett Packard Enterprise honours high achieving NZ channel
Nutanix treats channel partners to Christmas cruise

Nutanix treats channel partners to Christmas cruise

Nutanix recently took to the seas for a Christmas Cruise around Sydney Harbour with its Australia and New Zealand staff, customers and partners to celebrate a stellar year for the vendor. With the sun out, they were all smiles and mingled over drinks and food.

Nutanix treats channel partners to Christmas cruise
Show Comments