Upload
courion-corporation
View
76
Download
3
Embed Size (px)
DESCRIPTION
Call it the great Data Breach Disconnect. A recent survey of IT security executives revealed the gap between knowing about access risk and an organization’s ability to remediate that risk. For example, 97% of respondents are aware that access risk is created by misused or stolen credentials, but only 29% are confident that their organization is able to detect improper access.
Citation preview
Conducted by Courion in November 2014Audience of 35,400 IT security executives
at companies worldwide with 500+ employees
After a year of unrelenting data breaches, IT security executives are
keenly aware of the possibility of a breach within their organizations . .
.
84% agree: it is not whether you will be breached, but rather,
what you can do to reduce the damage of a breach
Agree84%
Disagree16%
43% know someone whose organization has suffered a
data breach in the last 6 months
Yes43%
No57%
97% agree: misused or stolen access credentials
provide easy access for hackers
Agree97%
Disagree3%
The majority are confident that they have access under control .
. .
76% believe their organization knows who has
administrative privileges
Agree76%
Disagree24%
And 72% said their organization enforces a “least privilege”
policy
Agree72%
Disagree28%
But below the surface there may be a disconnect . . .
43% admit their organization does not know when
access privileges are increased, or when access behavior
changes
Aware57%
Not Aware43%
And only 29% feel confident their organization is able to detect
when access credentials are misused or stolen
I do not know29%
Agree29%
Disagree42%
Will these organizations be able to deter or detect a breach?
41% know abandoned accounts exist in their organization,
and another 12% just don’t know . . .
Disagree47%
Agree41%
I do not know12%
And only 47% feel confident there are no
orphaned accounts in their organization
Agree47%
Disagree41%
I do not know12%
In fact, privileged accounts & unnecessary entitlements
are the access risks that cause the most anxiety
10.4%
11.9%
31.1%
46.7%
0.0% 5.0% 10.0% 15.0% 20.0% 25.0% 30.0% 35.0% 40.0% 45.0% 50.0%
ORPHANED ACCOUNTS - accounts with noadminstrative oversight
ABANDONED ACCOUNTS - accounts inactive for a timeperiod exceeding policy
UNNECESSARY ENTITLEMENTS - unneeded or excessaccess privileges, often in conflict with SoD practices
PRIVILEGED ACCOUNTS - accounts with increasedlevels of permission that provide elevated access to
critical networks, systems, applications or transactions
So how can IT security get ahead of access risks?
By using an identity and access intelligence solution that
continuously monitors access risks . . .
So you can quickly view accounts by privileged entitlements
And identify and eliminate abandoned accounts
And find orphan accounts that need administrative oversight
And maintain a least privilege policy
The Department of Homeland Security recommends
improved access hygiene & continuous access monitoring
Conduct a regular review of employee access and terminate any account
that individuals do not need to perform their daily job responsibilities.
Terminate all accounts associated with an employee or contractor immediately
upon dismissal.
Change administrative passwords to servers and networks following
the release of IT personnel.
Avoid using shared usernames and passwords for remote desktop protocol.
Do not use the same login and password for multiple platforms, servers, or networks.
Ensure third party service companies providing e-mail or customer support
know that an employee has been terminated.
Restrict Internet access on corporate computers to cloud storage Web sites.
Do not allow employees to download unauthorized remote login applications
on corporate computers.
Maintain daily backups of all computer networks and servers.
Require employees change passwords to corporate accounts regularly
(in many instances, default passwords are provided by IT staff and are never changed).
http://www.ic3.gov/media/2014/140923.aspx
To learn more about how you can add intelligence to
your identity & access management, contact
866.COURION.