Menu
​Exposed and under threat - Why haphazard processes are harming local businesses

​Exposed and under threat - Why haphazard processes are harming local businesses

“Privileged accounts really are the ‘keys to the kingdom,’ but…”

Organisations in Australia and New Zealand - similar to the global market - have haphazard processes for managing administrative or other privileged accounts, making businesses vulnerable to security breaches.

Responses from a Dell-commissioned survey - including IT professionals from the US, UK, Germany, Australia and New Zealand - claims that nearly 80 percent of respondents have a defined process for managing privileged accounts, but are not diligent about following it.

In fact, almost 30 percent still use manual processes such as Excel or other spreadsheets to manage privileged accounts.

Not only are these manual processes prone to error and easily compromised, warns the tech giant, they impede quick resolution in time-critical situations.

“Privileged accounts really are the ‘keys to the kingdom,’ which is why hackers seek them out and why we’ve seen so many high-profile breaches over the past few years use these critical credentials,” says John Milburn, Executive director and general manager, Identity and Access Management, Dell Security.

“To alleviate this risk and ensure these accounts are controlled and secured, it’s absolutely crucial for organisations to have a secure, auditable process to protect them.

“A good privileged account management strategy includes a password safe, as well as least-privileged control to protect organisational assets from breaches.”

According to Milburn, 83 percent of survey respondents face many challenges with managing privileged accounts and administrative passwords, ranking the following as the top three most critical privileged account management (PAM) challenges facing their organisations:

  • Default admin passwords on hardware and software are not consistently changed (37 percent)
  • Multiple admins share a common set of credentials (37 percent)
  • Inability to consistently identify individuals responsible for administrator activities (31 percent)

Although more than 75 percent have a defined process for changing the default admin password on hardware and software as new resources are brought into the organisation, Milburn claims that only 26 percent change admin passwords monthly on mission critical systems and devices.

For Milburn, such a ack of well-defined password and reporting practices present challenges.

“Survey respondents identified delegation (the ability to implement a least-privileged model of admin activity, in which admins are given only sufficient rights to do their job) and password vaulting (the ability to automate storage, issuance and changing of administrative credentials) as the administrative or privileged account management practices most critical to their organisations,” he adds.

“However, less than half say they have a regular cadence of recording, logging or monitoring administrative or other privileged access.

“The lack of a standard, enforced approach, coupled with a multitude of software tools and manual processes for managing privileged accounts, makes the business susceptible to hackers, and exposes corporate data to possible breach.”

Prevention of both breaches and insider attacks has become a major driver for the adoption of PAM solutions, Milburn claims.

According to a recent Gartner "Market Guide for Privileged Access Management" report, "adoption of PAM products by organisations is often partial, leaving gaps that translate to risk."

It notes that "prevention of both breaches and insider attacks has become a major driver for the adoption of privileged access management (PAM) solutions, in addition to compliance and operational efficiency.

"And by 2017, more stringent regulations around control of privileged access will lead to a rise of 40 percent in fines and penalties imposed by regulatory bodies on organisations with deficient PAM controls that have been breached."


Follow Us

Join the newsletter!

Error: Please check your email address.

Tags DellCloudsecuritybig dataData Centre

Featured

Slideshows

Channel celebrates as HP marks 50 years in NZ

Channel celebrates as HP marks 50 years in NZ

HP marked 50 years in New Zealand at an event in the vendor's Auckland's headquarters last night, with a host of key channel figures coming along to celebrate. Photos by HP.

Channel celebrates as HP marks 50 years in NZ
EDGE 2017 - Icebreaker Sessions round 2

EDGE 2017 - Icebreaker Sessions round 2

EDGE guests experience the value of networking at the second round of Icebreaker sessions.. Photos by Maria Stefina

EDGE 2017 - Icebreaker Sessions round 2
EDGE 2017 Dinner Under the Stars

EDGE 2017 Dinner Under the Stars

EDGE's Day 2 keynote and breakout sessions were followed by the Dinner Under the Stars. Over 300 people were present to enjoy a seafood feast and lots of excitement at Hamilton Island's Bougainvillea Marquee. Photos by Maria Stefina.

EDGE 2017 Dinner Under the Stars
Show Comments