Attacks/Breaches
3/6/2014
05:06 PM
Dark Reading
Dark Reading
Products and Releases
50%
50%

New IT Security Survey Results -- Top Reasons To Monitor Users

BalaBit IT Security survey about use of privileged identity management (PIM) and privileged activity monitoring (PAM) technology

NEW YORK and SAN FRANCISCO, February 25, 2014 – BalaBit IT Security (www.balabit.com) today announced results of a recent survey of IT security professionals about use of privileged identity management (PIM) and privileged activity monitoring (PAM) technology.

Of those surveyed, respondents ranked the reasons for monitoring privileged users, from most to least important, as follows:

1. Detect/track suspicious user behavior and prevent incidents – 60% considered this the most important factor

2. Control and audit IT service providers

3. Control and audit internal IT staff

4. Support IT/network staff in troubleshooting

5. Support internal business processes (i.e., reporting)

6. Meet/prove compliance with regulatory requirements

7. Control and audit virtual desktop infrastructure (VDI) users

8. Reduce costs for IT operations

9. Support forensics investigations

10. Reduce costs for security audits

"With compliance as the sixth most important reason for companies to deploy PIM, it is reassuring to see that most companies recognize it is more important to increase their operational efficiency by increasing the security level and managing people than only 'checking the box' and passing the audits," said Zoltán Györkő, CEO of BalaBit IT Security.

Altough 98% of respondents said that a PAM tool could increase the level of protection to their system security, a relatively high number of 16% stated that they have no solution deployed at all to protect against malicious insiders.

"It's disturbing that so many decision-makers are still ignoring the human factor and making their procurement priorities based on the physical and virtual infrastructure. The most commonly used product, firewalls, are completely ineffective against handcrafted attacks, especially APT or internal attacks. It is clear from today's headlines that these types of attacks are happening with much more frequency and are not only a common source of data breaches but the primary source of the most costly cyber attacks," said Györkő.

Additional survey findings include:

Those who have any kind of tools against internal attacks use at least two different products at the same time to provide the required protection Although almost all companies have been using firewalls, only 63% of the interviewed said that they use firewall options such as access policies to prevent internal cyber-attacks

37% use identity/password management

30% use network access control (NAC)

Activitity monitoring is performed by 25% of the companies

Almost two-thirds would prefer to have a standalone, turnkey appliance for PAM purposes

About the Survey

BalaBit IT Security conducted this survey between September 2013 and January 2014 by interviewing more than 400 IT professionals including CIOs, CSOs, system administrators, system managers and other IT workers in Europe (mainly in France, Germany, UK and Hungary). 44% of respondents work for large, 34% for middle size, 22% for small size companies. They represented industries including IT and telecom (38 percent), government (26 percent), financial (16 percent), retail (7 percent), manufacturer (5 percent) and healthcare (3 percent) sectors.

About BalaBit

BalaBit IT Security is an innovative information security company, a global leader in the development of privileged activity monitoring, trusted logging and proxy-based gateway technologies to help protect customers against internal and external threats and meet security and compliance regulations. As an active member of the open source community, we provide solutions to a uniquely wide range of both open source and proprietary platforms, even for the most complex and heterogeneous IT systems across physical, virtual and cloud environments.

BalaBit is also known as "the syslog-ng company", based on the company's flagship product, the open source log server application, which is used by more than 1 million companies worldwide and became the globally acknowledged de-facto industry standard.

For more information, visit www.balabit.com.

Comment  | 
Print  | 
More Insights
Register for Dark Reading Newsletters
White Papers
Cartoon
Current Issue
Dark Reading December Tech Digest
Experts weigh in on the pros and cons of end-user security training.
Flash Poll
Video
Slideshows
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2014-5395
Published: 2014-11-21
Multiple cross-site request forgery (CSRF) vulnerabilities in Huawei HiLink E3276 and E3236 TCPU before V200R002B470D13SP00C00 and WebUI before V100R007B100D03SP01C03, E5180s-22 before 21.270.21.00.00, and E586Bs-2 before 21.322.10.00.889 allow remote attackers to hijack the authentication of users ...

CVE-2014-7137
Published: 2014-11-21
Multiple SQL injection vulnerabilities in Dolibarr ERP/CRM before 3.6.1 allow remote authenticated users to execute arbitrary SQL commands via the (1) contactid parameter in an addcontact action, (2) ligne parameter in a swapstatut action, or (3) project_ref parameter to projet/tasks/contact.php; (4...

CVE-2014-7871
Published: 2014-11-21
SQL injection vulnerability in Open-Xchange (OX) AppSuite before 7.4.2-rev36 and 7.6.x before 7.6.0-rev23 allows remote authenticated users to execute arbitrary SQL commands via a crafted jslob API call.

CVE-2014-8090
Published: 2014-11-21
The REXML parser in Ruby 1.9.x before 1.9.3 patchlevel 551, 2.0.x before 2.0.0 patchlevel 598, and 2.1.x before 2.1.5 allows remote attackers to cause a denial of service (CPU and memory consumption) a crafted XML document containing an empty string in an entity that is used in a large number of nes...

CVE-2014-8469
Published: 2014-11-21
Cross-site scripting (XSS) vulnerability in Guests/Boots in AdminCP in Moxi9 PHPFox before 4 Beta allows remote attackers to inject arbitrary web script or HTML via the User-Agent header.

Best of the Web
Dark Reading Radio
Archived Dark Reading Radio
Now that the holiday season is about to begin both online and in stores, will this be yet another season of nonstop gifting to cybercriminals?