The Latest in IT Security

Failure to Manage Privileged User Access Challenges Efforts to Address Insider Threats


Tucked inside Verizon’s massive 2014 Data Breach Investigations Report are these numbers: 11,698 and 112.

Those figures, respectively, represent the number of incidents the firm examined in 2013 where insiders used organizational resources maliciously or without approval, as well as the number of those incidents that resulted in confirmed data loss. For all the awareness of insider threats, organizations are still faced with the reality of employees doing things that they shouldn’t.

Yet according to a new study from the Ponemon Institute sponsored by Raytheon, the corporate world is doing a mediocre job of staying on top of user access and privileges. Forty-nine percent of respondents said they do not have policies for assigning privileged user access. In addition, twoof the biggest challenges cited in the study are having enough contextual information provided by security tools (69 percent) and security tools providing too many false positives (56 percent). Organizations are also struggling with enforcing access rights for privileged users.

Forty-two percent said they were not confident their organization has the enterprise-wide visibility to determine if privileged users are compliant with policies. Just 34 percent described themselves as either “confident” or “very confident.”

“The results of this survey should serve as a wakeup call to every executive with responsibility for protecting company or customer sensitive data,” said Jack Harrington, vice president of Cybersecurity and Special Missions, Raytheon Intelligence Information and Services, in a statement. “While the problem is acutely understood, the solutions are not.”

The news is not all bad however. Slightly more organizations use well-defined policies that are centrally controlled by corporate IT (35 percent) than in 2011 (31 percent). There was also a drop off in the use of ad-hoc approaches to assigning privileged user access.

“The biggest problem is still keeping pace with the number of access change requests that come in on a regular basis (an increase from 53 percent to 62 percent),” according to the Ponemon study. “However, two problems have increased significantly. These are the burdensome process for dealing with business users requesting access (from 23 percent to 35 percent of respondents) and it takes too long to deliver access to privileged users (32 percent to 44 percent).”

This problem leads to another concern – the loss of business and customer information. According to the respondents, 56 percent said general business information was most at risk due to a lack of access controls for privileged users, while 49 percent named customer data as being at risk. Fears about corporate intellectual property jumped from 12 percent in 2011 to 33 percent.

Increasingly, business managers are becoming involved in granting privileged access and conducting user role certification, the study found. Fifty-one percent said it is the business user manager who most often handles access requests, which is an eight percent increase from 2011. Fifty-seven percent believe no background checks are performed in most organizations before privileged credentials are issued.

According to the survey, mobile applications were the most widely cited type of application considered to be at risk in their organizations due to the lack of proper access governance and control. Social media applications and cloud applications were the second and third most cited.

“Our goal is to also help organizations understand thatgood people can make mistakes and put sensitive data at risk,” said Harrington. “Even a well-intentioned, seasoned, privileged user with wide access to a network poses great risks because they are high-value targets to corporate ‘hacktivists’ and persistent adversaries eager to penetrate a company’s defenses.”


Brian Prince is a Contributing Writer for SecurityWeek.Previous Columns by Brian Prince:Failure to Manage Privileged User Access Challenges Efforts to Address Insider ThreatsU.S. Charges Chinese Hackers With Economic Espionage, China Calls Accusations FabricatedDevices Leak Critical Information Via SNMP Public Community String: ResearchersFormer Subway Franchise Owner Pleads Guilty to PoS System HackingElderwood Attack Platform Linked to Multiple Internet Explorer Zero-Day Attacks: Symantec

sponsored links


Identity Access

Comments are closed.


SUNDAY, MARCH 07, 2021

Mission-Critical Broadband – Why Governments Should Partner with Commercial Operators:
Many governments embrace mobile network operator (MNO) networks as ...

ARA at Scale: How to Choose a Solution That Grows With Your Needs:
Application release automation (ARA) tools enable best practices in...

The Multi-Model Database:
Part of the “new normal” where data and cloud applications are ...



Latest Comments