By: The Perils of Poor Privileged Account Management
The Perils of Poor Privileged Account Management
Privileged accounts are the keys to the kingdom, yet the majority of IT pros admit lax account management practices open up their company to serious security risks.
Privileged Account Management Challenges
The top three challenges respondents face managing administrative or other privilege passwords: Default admin passwords on hardware and software not consistently changed: 37%, Multiple administrators share a common set of credentials: 37%, Can't consistently identify individuals responsible for administrator activities: 31%
Better Control Would Reduce Risk
Asked whether better control of administrative or other privileged accounts would reduce the likelihood of a security breach, 76% of respondents said yes and 24% said no.
Most Have Process for Managing Privileged Accounts
77% of respondents said their companies have a defined process for managing administrative or other privileged accounts. 23% said their companies have no such process.
The Majority Use Software to Manage Privileged Accounts
The three types of software respondents use are: Password vault: 41%, Internally developed tools or scripts: 39%, Change management software: 31%
Delegation Is Critical to Privileged Account Management
Asked which management practices are most critical to their organization, respondents chose delegation (implementing a least-privilege model by which administrators are only given sufficient rights to do their job) and password vaulting (automated storage, issuance and changing administrative credentials).
Less Than Half Log Privileged Access
49% of respondents record, log or monitor some but not all administrative or other privileged access, 42% do so for all access, and 9% do not do any of these.
Most Have Process for Changing Passwords
Asked whether their company has a defined process for changing the default admin password on hardware and software when new resources are brought in, 72% said yes and 28% said no.
Few Change Passwords Monthly
Only 26% of respondents said administrative or other privileged passwords on mission-critical systems are changed monthly.
Best Practices
Dell offers the following best practices for securing privileged accounts and alleviating risk to business: Take inventory of privileged accounts, including users and the systems that use them. Ensure that privileged passwords are stored securely, enforce strict requirements for access and change management processes for privileged passwords. Ensure individual accountability and least-privileged access. Log and/or monitor all privileged access. Audit use of privileged access regularly.
