News Insider Threat
Survey Of IT Professionals Reveals Discrepancy Between Support Of And Implementation Of Desktop Privilege Control
Nearly half of respondents, however, report privileged accounts widespread on company desktops and laptops
Manchester (UK) and Boston, December 11, 2012 – While the majority of security professionals recognize the importance of limiting administrative rights on corporate desktops and laptops, many organizations continue to lag when it comes to implementing least privilege, according to a report released today by Avecto. The survey, conducted at the McAfee Focus 2012 conference in Las Vegas, was comprised of 365 IT professionals attending the show.
While 84% of those surveyed believe their organizations need better control of user privileges on company machines, nearly 40% of respondents reported that more than half of employees at their organizations have privileged accounts and another 5% are unsure how widely privileged accounts are used throughout their organizations. These figures demonstrate a clear dichotomy between organizations’ future security goals versus their lacking practices, suggesting a need to fill this void. The survey also points towards a curtailing of the Bring-Your-Own-Device (BYOD) trend, with 70% of respondents naming security as their biggest BYOD concern. Yet, nearly 50% of those surveyed said their organizations either don’t have a BYOD policy in place (22%) or allow employees to use any device (27%).
More Security Insights
White PapersMore >>
Other notable findings include:
· 45% of those surveyed reported mitigating malware attacks as the primary reason for reducing the number of privileged accounts in their organizations, followed by 18% attributing this to either combatting insider threats (9%) or external compliance (9%).
· Nearly 17% reported their organizations limit the use of personal phones and tablets for work, while 27% do not have any restrictions in place towards devices. Only 12% reported users are not allowed to use their own devices for work.
“As we look towards the new year and beyond, the rising threat of sophisticated malware will drive more companies to look into more proactive defense-in-depth security measures, such as privilege management and application control, to make it more difficult for targeted attacks to infect the corporate network,” says Paul Kenyon, Avecto co-founder and Chief Operating Officer. “CTOs are quickly realizing that very few people within an organization require admin rights to be productive, in turn, creating a least-risk environment. Many organizations have taken the first step towards eliminating admin rights from the majority of users and we can expect fewer and fewer employees, including IT admins, afforded fully-privileged accounts – eventually resulting in the demise of the admin right.”
“Security concerns will continue to hamper BYOD and it will fail to live up to the hype,” adds Kenyon. “In 2013, we’ll see that personal devices for corporate use will be increasingly limited to checking email, so users will perform their primary work on corporate-owned laptops, desktops and tablets. Consequently, we expect to see the resurgence of corporate devices and precipitate the inevitable curtailing of BYOD – more choose-your-own-device (CYOD) than bring-your-own-device”.
Using a flexible approach to privilege management, such as Avecto Privilege Guard, organizations can deploy secure and compliant desktops, without compromising users' ability to perform their day-to-day roles. With Privilege Guard, users are empowered with the privileges they require, resulting in increased productivity and reduced desktop support costs.
Learn more about Avecto and Privilege Guard by visiting www.avecto.com. Connect with Avecto on its blog, on LinkedIn and on Twitter
Avecto is the leader in Windows privilege management, helping organizations to deploy secure and compliant desktops and servers. With its award winning Privilege Guard technology, organizations can now empower all Windows based desktop and server users with the privileges they require to perform their roles, without compromising the integrity and security of their systems. Customers of all sizes rely on Avecto to reduce operating expenses and strengthen security across their Windows based environments. Our mission is to enable our customers to lower operating costs and improve system security by implementing least privilege. Avecto is building a worldwide channel of partners and system integrators and is headquartered in Manchester, UK with key regional headquarters in Andover, MA and Munich, Germany.