Security Risks Rise due to Mismanaged User Access: HP

By Nathan Eddy  |  Print this article Print

Top barriers to enforcing privileged-user access rights are the inability to keep pace with change requests.

Increased threats to sensitive and confidential workplace data are being created by a lack of control and oversight of privileged users, including database administrators, network engineers and IT security practitioners, according to a new report, entitled "The Insecurity of Privileged Users."

The study, sponsored by Hewlett-Packard and conducted by the Ponemon Institute, revealed that 52 percent of respondents are at least likely to be provided with access to restricted, confidential information beyond the requirements of their position.

More than 60 percent of the respondents reported that privileged users access sensitive or confidential data out of curiosity, not job function, with customer information and general business data at the highest risk. The most threatened applications included mobile, social media and business unit specific applications. The global survey focused on more than 5,000 IT operations and security managers across Australia, Brazil, Europe, Asia and the United Kingdom and the United States. Many respondents claimed to have well-defined policies for individuals with privileged access rights to specific IT systems.

However, almost 40 percent were unsure about enterprise-wide visibility into specific rights, or whether those with privileged access rights met compliance policies. Twenty-seven percent said their organizations use technology-based identity and access controls to detect the sharing of system administration access rights or root-level access rights by privileged users, and 24 percent said they combine technology with process. However, 15 percent admitted access is not really controlled and 11 percent said they are unable to detect sharing of access rights.

"This study spotlights risks that organizations don’t view with the same tenacity as critical patches, perimeter defense and other security issues, yet it represents a major access point to sensitive information," said Tom Reilly, HP’s vice president and general manager of enterprise security products. "The results clearly emphasize the need for better access policy management, as well as advanced security intelligence solutions, such as identity and privileged-user context, to improve core security monitoring."

Top barriers to enforcing privileged-user access rights are the inability to keep pace with change requests, inconsistent approval processes, high costs of monitoring and difficulty in validating access changes, the report found, while areas for improvement included monitoring privileged users’ access when entering root-level administrative activity, identifying policy violations and enforcing policies across an entire organization.

The potential for privileged access abuse varies from country to country based on responses, with France, Hong Kong and Italy having the greatest potential, and Germany, Japan and Singapore having the least. Nearly 80 percent of respondents reported that deploying a security information and event management (SIEM) solution was critical to governing, managing and controlling privileged-user access rights.

"The intent of the study is to provide a better understanding of the state of access governance in global organizations and the likelihood privileged users will abuse or misuse IT resources," said Larry Ponemon, the Ponemon Institute’s chairman and founder. "The findings demonstrate key areas of concern, and clearly identify budget, identity and access-management technologies, and network-intelligence technologies as the three most critical success factors for governing, managing and controlling privileged-user access across the enterprise."