Is your company implementing best practices when it comes to privileged account management and enforcement?
According to a 2015 report released by BeyondTrust, more than 47 percent of IT professionals said their organization unnecessarily grants computer user access to privileged information — 20 percent said more than 75 percent of company users operate as administrators.
On top of this, one-third of IT pros say their organization has no policy for computer password management to protect privileged information.
Is this a problem? You bet.
Now more than ever before, companies are vulnerable to attacks that target user computers with access to what should be guarded company data.
“From an adversary’s standpoint, stolen credentials are the perfect vehicles from which to execute an attack,” the report states. “They provide access to an organization’s sensitive data and a means to move undetected within the corporate network.”
The consequences of a breach can be detrimental. Not only do companies suffer financial losses, but they also have to confront the costs of reputation management and regulatory compliance errors.
So, what can be done to protect an organization from this risk? Step one is creating a policy that mitigates this risk. Step two is enforcing that policy.
“A privileged account management strategy should include provisions for exception handling an workflow to allow users to perform their jobs in an unfettered manner, while maintaining centralized control over critical assets,” the report states.
Want to learn more about how to protect your organization from the costs and stress associated with avoidable breaches? Contact Citon at 218.720.4435.