UAE – A new survey from BeyondTrust – a cyber-security company dedicated to preventing privilege misuse and stopping unauthorised access – has identified the five most common mistakes organisations make when it comes to privileged access management (PAM) and how they prevent organisations from effectively protecting sensitive data.
“Take a look inside any large enterprise and you’ll likely find that passwords are still not under complete control; users with administrator privileges are still causing problems and far too many system vulnerabilities remain unpatched. In fact, according to a recent report by Forrester, 80% of breaches are the result of abuse or misuse of privileged credentials,” said John Hathaway (below), Regional Sales Manager, Middle East, at BeyondTrust.
For years, security experts have outlined best practices for PAM in an effort to reduce problems associated with the abuse of privileged credentials. Despite this, IT organizations continue to struggle with privileged access management. The BeyondTrust survey finds five common mistakes, dubbed the “5 Deadly Sins of Privileged Access Management”, are to blame for this contradiction between the fact that so many IT organizations struggle to secure sensitive information despite their high levels of awareness and commitment to PAM:
Not Deploying Privileged Password Management Globally (Apathy): When asked to list the top threats associated with passwords, respondents listed employees sharing passwords with colleagues (79%), employees not changing default passwords their devices ship with (76%), and using weak passwords like “12345” (75%). Despite knowing better, respondents admitted that many of these same bad practices are common within their organization. A third of the respondents report users routinely share passwords with each other, and a fourth report the use of weak passwords. Shockingly, one in five report many users don’t even change the default passwords!
Too many holdout admin users (Greed): Users often insist they need full administrative privileges over their devices, and that creates problems for IT. 79% of respondents cite allowing users to run as administrators on their machines as their biggest threat, followed by not having control over applications on users’ machines (68%). Yet, nearly two in five respondents admit it is common for users to run as administrators on their machines. It is no surprise that many respondents say these practices have directly caused downtime of computing systems.
Ignoring the link between vulnerabilities and excessive privileges (Pride): One in five respondents say attacks combining privileged access with exploitation of an unpatched vulnerability are common. Simply patching known system vulnerabilities can prevent most of today’s commonly-reported attack vectors. Yet, too often, IT does not stay current on their patches.
Believing Sudo is sufficient to protect Unix/Linux system and data (Ignorance): Two-thirds say managing least privilege for Unix/Linux servers is somewhat to extremely important. One popular option is Sudo. However, just 29 percent say Sudo meets their needs. The most commonly cited problems with Sudo include being time-consuming to use (32%), complexity (31%) and poor version control (29%). Despite this, the typical respondent runs Sudo on 40 workstations and 25 servers.
Not prioritising SaaS applications and the risk they introduce (Envy): Enterprises are rushing to embrace cloud computing. Yet, more than a third report that they are not involved in protecting SaaS applications from privileged access abuse.
“Personally Identifiable Information (PII) must be protected at all costs. Too protect access to this data, organizations must deploy an integrated PAM solution that providers control and visibility over all privileged accounts and users across Windows, Mac, Unix and Linux desktop and server platforms and in doing so improves system security and closes gaps” added Hathaway.