There are lots of wanderings from tiers, end-users and from companies of all sizes when it comes to security and data privacy in our ever-connected data-driven digital world.
Therefore, it is indispensable to recall that, Companies or organizations that employ best practices and use practical solutions to restrict access and monitor conditions are far better equipped to handle today’s threat landscape.
We have captured for you a new study from BeyondTrust that unveiled the results of its definitive Privilege Benchmarking Study based on a worldwide survey of IT professionals. The study highlights a daunting gap between organizations that adhere to best practices for privileged access management.
Key findings are indicating that,
1. Only 14 percent regularly cycle their passwords, leaving systems exposed to breaches,
2. Just 3 percent watch/terminate sessions in real time,
3. 52 percent “just know” what the risks are, but aren’t doing enough about it,
4. Federal Government Vulnerable to Breaches, despite a high level of awareness of the threat.
For organizations looking to reduce the risk of a damaging data breach as a result of privilege abuse or misuse, BeyondTrust has developed five recommendations based on the Privilege Benchmarking Study:
- Be granular: Implement granular least privilege policies to balance security with productivity. Elevate applications, not users.
- Know the risk: Use vulnerability assessments to achieve a holistic view of privileged security. Never elevate an application’s privileges without knowing if there are known vulnerabilities.
- Augment technology with process: Reinforce enterprise password hygiene with policy and an overall solution. As the first line of defense, establish a policy that requires regular password rotation and centralizes the credential management process.
- Take immediate action: Improve real-time monitoring of privileged sessions. Real-time monitoring and termination capabilities are vital to mitigating a data breach as it happens, rather than simply investigating after the incident.
- Close the gap: Integrate solutions across deployments to reduce cost and complexity, and improve results. Avoid point products that don’t scale. Look for broad solutions that span multiple environments and integrate with other security systems, leaving fewer gaps.