Rechercher
Contactez-nous Suivez-nous sur Twitter En francais English Language
 

De la Théorie à la pratique





















Freely subscribe to our NEWSLETTER

Newsletter FR

Newsletter EN

Vulnérabilités

Unsubscribe

BeyondTrust survey shows that European companies don’t have privilege management under control

April 2014 by BeyondTrust

BeyondTrust has announced the results of its European Privilege Gone Wild survey carried out during the first half of April 2014 across the UK and the rest of Europe covering IT, security and network professionals. The survey reveals that employees across the region are granted excessive privileges – such as ‘admin rights’ beyond the requirements of their roles and that as a result, are exacerbating the ‘insider threat’ risk.

“This latest survey shows that the problem of excessive privilege continues to be a major problem and while organisations are aware of the issue, they are still failing to address it,” says Brent Thurrell, VP EMEA and India. “The tools are there to manage privilege – which can be the cause of many unnecessary security vulnerabilities – so organisations are putting themselves at risk unnecessarily. More companies need to start prioritizing privilege management.”

Privilege beyond their needs

Over a third of respondents say that they have access rights not necessary for their current roles. When asked what information could be accessed, 44 per cent cited financial reports, privilege passwords, email server accounts, R&D plans.

On a more positive note, over 60 per cent have controls to monitor privilege access, though just over half believe that either they or colleagues have the ability to circumvent these controls. When asked to rate what kind of information is most of risk, respondents stated 45 per cent of general business information, 34 per cent of customer information and just over 12 per cent of financial information.

Curiosity is putting sensitive and confidential information at risk

Over half of all respondent believe employees are likely or very likely to access sensitive or confidential information out of curiosity. Indeed, over a third of respondents admitting to retrieving information not relevant to their jobs. It is encouraging that over half of all organisations do not allow sensitive data to be stored on employees’ workstations or laptops, but not such good news that over 43 per cent confessed that their organisations do allow this to happen.

Future indications

Over a third believe that it is likely or very likely that their organisations will assign privilege access rights that go beyond the individuals’ roles and responsibilities, with only 32 per cent saying that this would be unlikely. 45 per cent expect the risks around privilege management to increase within the next few years.

Survey information

The survey reflects responses from over 100 IT decision makers across Europe, including security managers, and network and systems engineers across a number of industries including financial services, manufacturing, and government. Please see Appendix A for a full breakdown of the results.




See previous articles

    

See next articles