Privileged accounts are great targets for threat actors because fraudsters with high levels of access can cause data leaks of greater significance. A new survey by One Identity revealed that problems related to privileged account management put sensitive enterprise data at risk.

The survey, which queried 900 security professionals from around the world, found that 86 percent of organizations do not consistently change privileged account passwords after each use. Even worse, 40 percent of respondents neglect to change default administrator passwords.

Problems With Privileges

The report detailed other failures to follow security best practices. For example, only 54 percent of respondents use a password vault to protect privileged accounts. Furthermore, while 95 percent of respondents said they log or monitor high-level access to some degree, only 43 percent monitor all privileged access. This negligence could enable credential-stealing threat actors to move throughout the network without causing any alarm.

Meanwhile, 32 percent of respondents said they were unable to definitively identify administrator activities. This is no surprise, since 46 percent of respondents have multiple administrators who share common credentials.

Too Many Tools

The survey found that organizations employ various tools for privileged access management, including Microsoft Excel (36 percent) and internally developed scripts (37 percent). In fact, a 2016 Thycotic survey revealed that 70 percent of security professionals used either “homegrown” solutions or no tools at all to manage privileged accounts.

Other common tools include permissions delegation software (25 percent) and paper-based log books (18 percent), according to the One Identity report. Further muddying the waters, two-thirds of respondents said they used multiple tools for privileged account management, while 13 percent reported using four or more.

Mitigating Privileged Account Management Risks

Security teams should consider ways to improve their privileged account management practices. Some organizations might benefit from implementing a comprehensive approach to password management in general, not just for privileged accounts.

An integrated identity and access management (IAM) solution that contains a high-security password vault for the most important accounts can also lend added security to the entire system, and ensure that credentials can be controlled and modified as users’ needs change over time. By dealing holistically with all accounts, security professionals can mitigate the problems specific to privileged account management.

more from

From Ramnit To Bumblebee (via NeverQuest): Similarities and Code Overlap Shed Light On Relationships Between Malware Developers

A comparative analysis performed by IBM Security X-Force uncovered evidence that suggests Bumblebee malware, which first appeared in the wild last year, was likely developed directly from source code associated with the Ramnit banking trojan. This newly discovered connection is particularly interesting as campaign activity has so far linked Bumblebee to affiliates of the threat group ITG23 (aka the Trickbot/Conti…

X-Force 2022 Insights: An Expanding OT Threat Landscape

This post was written with contributions from Dave McMillen. So far 2022 has seen international cyber security agencies issuing multiple alerts about malicious Russian cyber operations and potential attacks on critical infrastructure, the discovery of two new OT-specific pieces of malware, Industroyer2 and InController/PipeDream, and the disclosure of many operational technology (OT) vulnerabilities. The OT cyber threat landscape is expanding dramatically and OT…