The Perils of Poor Privileged Account Management

Karen A. Frenkel


Privileged accounts are the keys to the kingdom, yet the majority of IT pros admit lax account management practices open up their company to serious security risks.

Privileged Account Management Challenges

The top three challenges respondents face in managing administrative or other privileged passwords are: default admin passwords on hardware and software are not consistently changed (37%); multiple administrators share a common set of credentials (37%); and they can’t consistently identify the individuals responsible for administrator activities (31%).

Better Control Would Reduce Risk

Asked whether better control of administrative or other privileged accounts would reduce the likelihood of a security breach, 76% of respondents said yes and 24% said no.

Most Have Process for Managing Privileged Accounts

77% of respondents said their companies have a defined process for managing administrative or other privileged accounts. 23% said their companies have no such process.

The Majority Use Software to Manage Privileged Accounts

The three types of software respondents use are: password vault (41%), internally developed tools or scripts (39%), and change management software (31%).

Delegation Is Critical to Privileged Account Management

Asked which management practices are most critical to their organization, respondents chose delegation (implementing a least-privilege model in which administrators are given only sufficient rights to do their job) and password vaulting (automated storage, issuance and changing of administrative credentials).

Less Than Half Log Privileged Access

49% of respondents record, log or monitor some but not all administrative or other privileged access, 42% do so for all access, and 9% do not do any of these.

Most Have Process for Changing Passwords

Asked whether their company has a defined process for changing the default admin password on hardware and software when new resources are brought in, 72% said yes and 28% said no.

Few Change Passwords Monthly

Only 26% of respondents said administrative or other privileged passwords on mission-critical systems are changed monthly.

Best Practices

Dell offers the following best practices for securing privileged accounts and alleviating risk to the business: Take inventory of privileged accounts, including users and the systems that use them. Ensure that privileged passwords are stored securely, and enforce strict requirements for access and change management processes for privileged passwords. Ensure individual accountability and least-privileged access. Log and/or monitor all privileged access. Audit use of privileged access regularly.
