User Access Given Carte Blanche Still a Problem, HP Study Says

A recent study from HP and the Ponemon Institute surveyed more than 5,500 IT professionals, from operations to security management, to gauge potential problems with user access and policy enforcement. The results? Unchecked access to data is still an issue, no matter what segment of the business world you’re looking at.

“…increased threats to sensitive and confidential workplace data are created by a lack of control and oversight of privileged users, including database administrators, network engineers and IT security practitioners,” explains the top takeaway from HP’s commissioned research.

The survey revealed that more than half of the respondents said they are likely to be given access to company data beyond the scope of their job requirements. For example, a network administrator might have access to HR data such as payroll, or a database administrator might have unrestricted access to a company’s customer list.

“Customer information and general business data are at the highest risk, and the most threatened applications included mobile, social media and business unit specific applications,” the report notes.

In addition, more than 60 percent of those with access to data said they would examine it out of curiosity, not as a job function.

“This study spotlights risks that organizations don’t view with the same tenacity as critical patches, perimeter defense and other security issues, yet it represents a major access point to sensitive information,” said Tom Reilly, vice president and general manager, Enterprise Security Products, HP.

“The results clearly emphasize the need for better access policy management, as well as advanced security intelligence solutions, such as identity and privileged user context, to improve core security monitoring.”

Despite the issues with user access and control, most of those who took part in HP’s research said they have something in place policy-wise to control access. Yet, granular control and visibility were still a problem depending on the solution deployed.

Twenty-seven percent say their organizations use technology-based identity and access controls to detect the sharing of system administration access rights or root-level access rights by privileged users, and 24 percent say they combine technology with process. However, 15 percent admit access is not really controlled and 11 percent say they are unable to detect sharing of access rights.

The main issues are enforcement and change request tracking, along with policy issues such as inconsistent approval processes for user access. Cost is also a factor, with many citing the expense of change request and overall user monitoring. Still, the favorite solutions deployed for controlling these issues were all SIEM related.

The potential for privileged access abuse varies from country to country based on responses, with France, Hong Kong, and Italy having the greatest potential, and Germany, Japan and Singapore having the least, the report noted.

Naturally, HP offers technology to address these problems, as do other vendors in the market. While the research is important, the best bet is still to examine all of the various offerings when it comes to controlled access and policy enforcement, and pick the one that matches your organization’s needs and budget.
