Menu
​Exposed and under threat - Why haphazard processes are harming local businesses

​Exposed and under threat - Why haphazard processes are harming local businesses

“Privileged accounts really are the ‘keys to the kingdom,’ but…”

Organisations in Australia and New Zealand - similar to the global market - have haphazard processes for managing administrative or other privileged accounts, making businesses vulnerable to security breaches.

Responses from a Dell-commissioned survey - including IT professionals from the US, UK, Germany, Australia and New Zealand - claims that nearly 80 percent of respondents have a defined process for managing privileged accounts, but are not diligent about following it.

In fact, almost 30 percent still use manual processes such as Excel or other spreadsheets to manage privileged accounts.

Not only are these manual processes prone to error and easily compromised, warns the tech giant, they impede quick resolution in time-critical situations.

“Privileged accounts really are the ‘keys to the kingdom,’ which is why hackers seek them out and why we’ve seen so many high-profile breaches over the past few years use these critical credentials,” says John Milburn, Executive director and general manager, Identity and Access Management, Dell Security.

“To alleviate this risk and ensure these accounts are controlled and secured, it’s absolutely crucial for organisations to have a secure, auditable process to protect them.

“A good privileged account management strategy includes a password safe, as well as least-privileged control to protect organisational assets from breaches.”

According to Milburn, 83 percent of survey respondents face many challenges with managing privileged accounts and administrative passwords, ranking the following as the top three most critical privileged account management (PAM) challenges facing their organisations:

  • Default admin passwords on hardware and software are not consistently changed (37 percent)
  • Multiple admins share a common set of credentials (37 percent)
  • Inability to consistently identify individuals responsible for administrator activities (31 percent)

Although more than 75 percent have a defined process for changing the default admin password on hardware and software as new resources are brought into the organisation, Milburn claims that only 26 percent change admin passwords monthly on mission critical systems and devices.

For Milburn, such a ack of well-defined password and reporting practices present challenges.

“Survey respondents identified delegation (the ability to implement a least-privileged model of admin activity, in which admins are given only sufficient rights to do their job) and password vaulting (the ability to automate storage, issuance and changing of administrative credentials) as the administrative or privileged account management practices most critical to their organisations,” he adds.

“However, less than half say they have a regular cadence of recording, logging or monitoring administrative or other privileged access.

“The lack of a standard, enforced approach, coupled with a multitude of software tools and manual processes for managing privileged accounts, makes the business susceptible to hackers, and exposes corporate data to possible breach.”

Prevention of both breaches and insider attacks has become a major driver for the adoption of PAM solutions, Milburn claims.

According to a recent Gartner "Market Guide for Privileged Access Management" report, "adoption of PAM products by organisations is often partial, leaving gaps that translate to risk."

It notes that "prevention of both breaches and insider attacks has become a major driver for the adoption of privileged access management (PAM) solutions, in addition to compliance and operational efficiency.

"And by 2017, more stringent regulations around control of privileged access will lead to a rise of 40 percent in fines and penalties imposed by regulatory bodies on organisations with deficient PAM controls that have been breached."


Follow Us

Join the newsletter!

Or

Sign up to gain exclusive access to email subscriptions, event invitations, competitions, giveaways, and much more.

Membership is free, and your security and privacy remain protected. View our privacy policy before signing up.

Error: Please check your email address.

Tags CloudDellbig data

Featured

Slideshows

The making of an MSSP: a blueprint for growth in NZ

The making of an MSSP: a blueprint for growth in NZ

Partners are actively building out security practices and services to match, yet remain challenged by a lack of guidance in the market. This exclusive Reseller News Roundtable - in association with Sophos - assessed the making of an MSSP, outlining the blueprint for growth and how partners can differentiate in New Zealand.

The making of an MSSP: a blueprint for growth in NZ
Reseller News Platinum Club celebrates leading partners in 2018

Reseller News Platinum Club celebrates leading partners in 2018

The leading players of the New Zealand channel came together to celebrate a year of achievement at the inaugural Reseller News Platinum Club lunch in Auckland. Following the Reseller News Innovation Awards, Platinum Club provides a platform to showcase the top performing partners and start-ups of the past 12 months, with more than ​​50 organisations in the spotlight.​​​

Reseller News Platinum Club celebrates leading partners in 2018
Meet the top performing HP partners in NZ

Meet the top performing HP partners in NZ

HP has honoured its leading partners in New Zealand during 2018, following 12 months of growth through the local channel. Unveiled during the fourth running of the ceremony in Auckland, the awards recognise and celebrate excellence, growth, consistency and engagement of standout Kiwi partners.

Meet the top performing HP partners in NZ
Show Comments