8/9/2016 12:00 PM
Organizations Still Give Employees More Access Than They Need

Ponemon study shows that access to proprietary information remains on the rise.

As the enterprise increasingly requires employees to have more access than ever to sensitive and proprietary information, improvements to how well companies enforce access policies and track employee use of files are still slow on the uptake. According to a new study out by Ponemon Institute, the rate at which employee access is expanding outstrips the rate at which least privilege and other policy enforcements are gaining steam. 

Sponsored by Varonis, the study queried over 3,000 employees in US and European organizations, approximately half from line-of-business roles and half from IT roles, to examine practices and attitudes about insider behavior with regard to sensitive data. Trends were also tracked against a similar study from 2014 to see how things have changed in the past two years.

Ponemon showed that the amount of access and use of proprietary information is on the rise -- the number of employees who reported their job requires such access increased by 12 points to 88% this year. In the good news category, the percent of end users who report they have access to data they probably shouldn't see has decreased from 71% down to 62%. However, that's still a high number and shows there's still lots of room for improvement.

"This survey raises key points as to why hackers are able to maximize impact — too many employees have too much access, beyond what they need to do their jobs," says Dr. Larry Ponemon, author of the report and chairman and founder of Ponemon Institute. "On top of this, when employees access valuable data and their activity is not tracked or audited, it becomes far too easy for an external hacker or a rogue insider to get away unnoticed."

According to the study, 76% of organizations have experienced the loss or theft of company data over the past two years, a number rising since 2014. About three of four IT practitioners say that either negligent or malicious employees or contractors are the most likely to compromise accounts within their organizations and 55% say that their biggest worry is negligent insiders.

IT practitioners report that only about 29% of organizations fully enforce a least-privilege model of access control. That's up by nine points, but it shows that two-thirds of organizations are still lax with their controls. In fact, over one-quarter of organizations still do not enforce least privilege at all. Meanwhile, when it comes to keeping ongoing tabs on access activity, over half of organizations report that they review access to file shares or other collaborative data stores only annually or not at all. Additionally, a full 35% of organizations do not maintain a searchable record of file system activity.

All of this makes it difficult for companies to quickly detect employees or employee accounts accessing files and emails they're not authorized to see. About 57% of organizations take a week or longer to do so. 

Ericka Chickowski specializes in coverage of information technology and business innovation. She has focused on information security for the better part of a decade and regularly writes about the security industry as a contributor to Dark Reading.
Comments
JulietteRizkallah, User Rank: Ninja, 8/12/2016 12:57:49 PM
Protect all your Data
As the recent and ongoing DNC email breach attests, it is not sufficient for corporations and organizations to secure their sensitive data stored in applications and systems. Files and emails are now the main target, and very few companies today secure them. This means this trend will go on for a while, and a new layer of Identity Governance around unstructured data is about to see tremendous growth.