November 9, 2017 By Larry Loeb 2 min read

Privileged accounts are great targets for threat actors because fraudsters with high levels of access can cause data leaks of greater significance. A new survey by One Identity revealed that problems related to privileged account management put sensitive enterprise data at risk.

The survey, which queried 900 security professionals from around the world, found that 86 percent of organizations do not consistently change privileged account passwords after each use. Even worse, 40 percent of respondents neglect to change default administrator passwords.

Problems With Privileges

The report detailed other failures to follow security best practices. For example, only 54 percent of respondents use a password vault to protect privileged accounts. Furthermore, while 95 percent of respondents said they log or monitor high-level access to some degree, only 43 percent monitor all privileged access. This negligence could enable credential-stealing threat actors to move throughout the network without causing any alarm.

Meanwhile, 32 percent of respondents said they were unable to definitively identify administrator activities. This is no surprise, since 46 percent of respondents have multiple administrators who share common credentials.

Too Many Tools

The survey found that organizations employ various tools for privileged access management, including Microsoft Excel (36 percent) and internally developed scripts (37 percent). In fact, a 2016 Thycotic survey revealed that 70 percent of security professionals used either “homegrown” solutions or no tools at all to manage privileged accounts.

Other common tools include permissions delegation software (25 percent) and paper-based log books (18 percent), according to the One Identity report. Further muddying the waters, two-thirds of respondents said they used multiple tools for privileged account management, while 13 percent reported using four or more.

Mitigating Privileged Account Management Risks

Security teams should consider ways to improve their privileged account management practices. Some organizations might benefit from implementing a comprehensive approach to password management in general, not just for privileged accounts.

An integrated identity and access management (IAM) solution that contains a high-security password vault for the most important accounts can also lend added security to the entire system, and ensure that credentials can be controlled and modified as users’ needs change over time. By dealing holistically with all accounts, security professionals can mitigate the problems specific to privileged account management.

More from

Black Friday Chaos: The Return of Gozi Malware

4 min read - On November 29th, 2024, Black Friday, shoppers flooded online stores to grab the best deals of the year. But while consumers were busy filling their carts, cyber criminals were also seizing the opportunity to exploit the shopping frenzy. Our system detected a significant surge in Gozi malware activity, targeting financial institutions across North America.The Black Friday connectionBlack Friday creates an ideal environment for cyber criminals to thrive. The combination of skyrocketing transaction volumes, a surge in online activity and often…

Cloud Threat Landscape Report: AI-generated attacks low for the cloud

2 min read - For the last couple of years, a lot of attention has been placed on the evolutionary state of artificial intelligence (AI) technology and its impact on cybersecurity. In many industries, the risks associated with AI-generated attacks are still present and concerning, especially with the global average of data breach costs increasing by 10% from last year.However, according to the most recent Cloud Threat Landscape Report released by IBM’s X-Force team, the near-term threat of an AI-generated attack targeting cloud computing…

Testing the limits of generative AI: How red teaming exposes vulnerabilities in AI models

4 min read - With generative artificial intelligence (gen AI) on the frontlines of information security, red teams play an essential role in identifying vulnerabilities that others can overlook.With the average cost of a data breach reaching an all-time high of $4.88 million in 2024, businesses need to know exactly where their vulnerabilities lie. Given the remarkable pace at which they’re adopting gen AI, there’s a good chance that some of those vulnerabilities lie in AI models themselves — or the data used to…

Topic updates

Get email updates and stay ahead of the latest threats to the security landscape, thought leadership and research.
Subscribe today