Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Operations //

Identity & Access Management

7/14/2015
06:10 PM
Connect Directly
Twitter
Twitter
RSS
E-Mail
50%
50%

Shared Passwords And No Accountability Plague Privileged Account Use

Even IT decision-makers guilty of poor account hygiene.

As the winds of the cloud scatter corporate data across the globe and beyond any IT boundaries, identity management continues to grow in importance. But a new survey out from Centrify shows that even those that should know better do not engage in secure account management practices.

In its State of the Corporate Perimeter survey out today, the firm found that nearly 60 percent of US IT decision-makers share access credentials with other employees at least somewhat often. Conducted among 200 of these decision-makers, the survey also found that 52 percent of US-based IT employees also shared credentials with contractors.

This is a scary prospect, given that many of these IT employees are entrusted with credentials for privileged accounts, with account sharing essentially spreading the proverbial "keys to the kingdom" across an organization with little accountability. According to the survey, about three-quarters of respondents estimate that more than 10 percent of employees have access to these kinds of privileged accounts, whether legitimately or through sharing. And over half of respondents in the US reported that it would be easy for a former employee to log in to access systems or data with old passwords.

Unsurprisingly, 74 percent of those surveyed in the US reported that their organization needed to do a better job monitoring who is accessing data and 62 percent believe their organization has too many privileged users. The concern grows as new models in cloud and mobile computing have obliterated the corporate perimeter.

“And there’s the rub: today’s corporate perimeter has nothing to do with physical headquarters and contains data that resides in the cloud and on the numerous devices employees and contractors use in the field," said Tom Kemp CEO and co-founder of Centrify.

As things stand, 92 percent of organizations in the US currently have some form of user monitoring in place. However, only a 56 percent have some sort of privileged identity management. Of those, nearly a third companies do not have someone formally analyzing or auditing how and when employees or contractors are performing privileged access to systems in the organization on at least a weekly basis. Even something as simple as updating passwords on a regular basis is only performed by about 58 percent of US organizations.

Ericka Chickowski specializes in coverage of information technology and business innovation. She has focused on information security for the better part of a decade and regularly writes about the security industry as a contributor to Dark Reading.  View Full Bio

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
RyanSepe
50%
50%
RyanSepe,
User Rank: Ninja
7/15/2015 | 11:38:46 AM
Ownership
Shared accounts, especially privileged accounts, need to have an account owner assigned to them. They need to be in a database that prompts user monitoring to correlate with windows account policies and this is something that is simple and very low cost. I've seen the other side and it gets ugly to say the least.
7 Truths About BEC Scams
Ericka Chickowski, Contributing Writer,  6/13/2019
DNS Firewalls Could Prevent Billions in Losses to Cybercrime
Curtis Franklin Jr., Senior Editor at Dark Reading,  6/13/2019
Can Your Patching Strategy Keep Up with the Demands of Open Source?
Tim Mackey, Principal Security Strategist, CyRC, at Synopsys,  6/18/2019
Register for Dark Reading Newsletters
White Papers
Video
Cartoon
Current Issue
Building and Managing an IT Security Operations Program
As cyber threats grow, many organizations are building security operations centers (SOCs) to improve their defenses. In this Tech Digest you will learn tips on how to get the most out of a SOC in your organization - and what to do if you can't afford to build one.
Flash Poll
New Best Practices for Secure App Development
New Best Practices for Secure App Development
The transition from DevOps to SecDevOps is combining with the move toward cloud computing to create new challenges - and new opportunities - for the information security team. Download this report, to learn about the new best practices for secure application development.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2019-1874
PUBLISHED: 2019-06-20
A vulnerability in the web-based management interface of Cisco Prime Service Catalog Software could allow an unauthenticated, remote attacker to conduct a cross-site request forgery (CSRF) attack on an affected system. The vulnerability is due to insufficient CSRF protection mechanisms on the web-ba...
CVE-2019-1875
PUBLISHED: 2019-06-20
A vulnerability in the web-based management interface of Cisco Prime Service Catalog could allow an authenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based interface. The vulnerability is due to insufficient validation of user-supplied input by t...
CVE-2019-1876
PUBLISHED: 2019-06-20
A vulnerability in the HTTPS proxy feature of Cisco Wide Area Application Services (WAAS) Software could allow an unauthenticated, remote attacker to use the Central Manager as an HTTPS proxy. The vulnerability is due to insufficient authentication of proxy connection requests. An attacker could exp...
CVE-2019-1878
PUBLISHED: 2019-06-20
A vulnerability in the Cisco Discovery Protocol (CDP) implementation for the Cisco TelePresence Codec (TC) and Collaboration Endpoint (CE) Software could allow an unauthenticated, adjacent attacker to inject arbitrary shell commands that are executed by the device. The vulnerability is due to insuff...
CVE-2019-1879
PUBLISHED: 2019-06-20
A vulnerability in the CLI of Cisco Integrated Management Controller (IMC) could allow an authenticated, local attacker to inject arbitrary commands that are executed with root privileges. The vulnerability is due to insufficient validation of user-supplied input at the CLI. An attacker could exploi...