Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Vulnerabilities

Excessive User Privileges Challenges Enterprise Security: Survey

It is no secret that enterprises sometimes have trouble keeping a handle on privileged users. In the wrong hands, excessive privileges can lead to data breaches and sleepless nights for IT.

It is no secret that enterprises sometimes have trouble keeping a handle on privileged users. In the wrong hands, excessive privileges can lead to data breaches and sleepless nights for IT.

According to a survey from security firm BeyondTrust, which focuses on privilege management issues, more than 47 percent of the 728 survey participants said users in their organizations have elevated privileges not necessary for their roles. Twenty percent reported that more than three-quarters of their user base run as administrators. In addition, 33 percent said their organizations had no policies for privileged password management.

“The majority of users do not typically require the ability to install their own software or make changes to system properties,” according to the report. “Providing them with this ability can lead to, at a minimum, inadvertent errors and increased demand on internal IT help desks. Worse, it provides opportunities for malicious employees, or attackers who have compromised employee credentials, to steal sensitive information or disrupt network operations.”

The survey – dubbed ‘Privilege Gone Wild 2′ – backs the findings of a report from the Independent Oracle Users Group in which 54 percent of respondents reported that abuse of privileges by IT staff was among the top threats to enterprise data. A separate study by research company Ovum found that 59 percent of the U.S. businesses surveyed felt privileged users posed a threat to their organization.

Brad Hibbert, CTO of BeyondTrust, listed three reasons employees end up with excessive privileges. First, it makes life easier.

“Granting users’ full admin rights on desktops / servers ensures that they can perform their job tasks without the pushback,” he told SecurityWeek. “Of course this is somewhat short-sighted as this approach raises security concerns and can also impact longer term operational costs as the help desk is engaged to troubleshoot and address issues including misconfigurations, malware and unlicensed software.”

The other two reasons are a lack of oversight as employees move from job function to job function and a lack of “native delegation capabilities” of the operating systems being used, he said.

Advertisement. Scroll to continue reading.

Seventy-nine percent of respondents in the BeyondTrust study indicated they felt employees are somewhat likely to very likely to access sensitive or confidential data out of curiosity.

“A regular review by managers and supervisors of their employees’ access rights will help reduce permission bloat and users having access to unnecessary systems,” said Hibbert. “Access reviews can be performed as needed or scheduled to occur periodically – for example, every calendar quarter, enabling you to conduct periodic access reviews to maintain the correct level of user privileges. The review schedule will depend on the sensitivity of the access and effort in performing the review. It could range from weekly to quarterly to yearly.”

“One approach that enables more frequent reviews is performing delta attestation analysis between full-attestation reviews,” he continued. “That is, ‘show me how access has changed since the last review.’ This result enables more frequent reviews on a smaller subset of entitlements.”

 

Written By

Marketing professional with a background in journalism and a focus on IT security.

Click to comment

Trending

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Join this event as we dive into threat hunting tools and frameworks, and explore value of threat intelligence data in the defender’s security stack.

Register

Learn how integrating BAS and Automated Penetration Testing empowers security teams to quickly identify and validate threats, enabling prompt response and remediation.

Register

People on the Move

DARPA veteran Dan Kaufman has joined Badge as SVP, AI and Cybersecurity.

Kelly Shortridge has been promoted to VP of Security Products at Fastly.

After the passing of Amit Yoran, Tenable has appointed Steve Vintz and Mark Thurmond as co-CEOs.

More People On The Move

Expert Insights

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest cybersecurity news, threats, and expert insights. Unsubscribe at any time.