Why Securing Privileged Accounts Is a Must
-
Why Securing Privileged Accounts Is a Must
Organizations are aware of the need to properly manage and secure privileged accounts, but many fail to do so. -
Awareness of Securing Privileged Credentials Growing
80% of respondents consider PAM a high priority. 60% indicate that PAM security is required to demonstrate compliance with government regulations. -
Follow-through Is Lacking
Although aware of the need to secure privileged credentials, implementing security best practices is lacking. 20% of organizations have never changed their default passwords on privileged accounts, for example. -
Password Sharing
30% of organizations allow accounts and passwords to be shared. 40% use the same security for privileged accounts as for standard accounts. -
Approval and Auditing Are Lax
70% of organizations do not require approval for creating new privileged accounts. 50% of organizations do not audit privileged account activity. -
Failure of Communication
30% of organizations have not communicated to their stakeholders the importance of following IT security policies. -
Manual Methods Used for PAM
66% of organizations still rely on manual methods to manage privileged accounts. Only 10% have implemented an automated security vendor solution. -
What You Can Do About It
To help secure privilege credentials throughout the enterprise, the report recommends that you: • Educate key stakeholders about the urgency and value of PAM security. You can take the survey yourself to see how your PAM practices compare with others and share the results. • Automate security management. There are affordable PAM solutions for any size organization. -
More Recommendations
• Adopt and implement security policies to help ensure least privilege strategy for account access. Too many accounts have been granted broad and deep privileges, so explore using software tools to limit privileged account access without impacting user productivity. • Provide greater visibility in PAM for CISOs while demonstrating compliance with audits and policies affecting privileged account credential
A new study reveals security gaps in how organizations manage and secure their privileged account passwords and network access. “The 2016 State of Privileged Account Management Report” by Thycotic, a provider of privileged account management (PAM), and Cybersecurity Ventures, a research and market intelligence firm. The survey includes responses from 500 IT security professionals from organizations worldwide. The report also includes five steps you can take to help secure privileged credentials throughout your enterprise. “While awareness is high among organizations on the importance of securing privileged accounts, according to results found in our survey, many organizations still fall short when it comes to adopting and maintaining best practices in the protection of privileged account credentials,” says James Legg, president and CEO of Thycotic. “Weak privileged account management is a rampant epidemic at large enterprises and governments globally,” says Steve Morgan, founder and CEO of Cybersecurity Ventures, “We expect the needle on automated PAM solutions adoption to move fairly quickly into the 50% range over the next two years.”