We would like to keep you up to date with the latest news from Digitalisation World by sending you push notifications.
Digital Newsletter
Each week our editor Phil Alsop rounds up the most popular articles, videos and expert opinions. We compile this into a Digital Newsletter and send it straight to your inbox every week.
Digital Magazines
We'll let you know each time a new edition of Digitalisation World is released so that you're always kept up-to-date with the latest and greatest news and press releases.
Video Magazines
The Digitalisation World Video magazine contains the latest Zoom interviews with experts in the industry.
Eighty-three percent of survey respondents face many challenges with managing privileged accounts and administrative passwords, ranking the following as the top three most critical privileged account management (PAM) challenges facing their organisations:
1. Default admin passwords on hardware and software are not consistently changed (37 percent)
2. Multiple admins share a common set of credentials (37 percent)
3. Inability to consistently identify individuals responsible for administrator activities (31 percent)
Although more than 75 percent say they have a defined process for changing the default admin password on hardware and software as new resources are brought into the organisation, only 26 percent said they change admin passwords monthly on mission critical systems and devices.
Lack of well-defined password and reporting practices present challenges
Survey respondents identified delegation (the ability to implement a least-privileged model of admin activity, in which admins are given only sufficient rights to do their job) and password vaulting (the ability to automate storage, issuance and changing of administrative credentials) as the administrative or privileged account management practices most critical to their organisations. However, less than half say they have a regular cadence of recording, logging or monitoring administrative or other privileged access. The lack of a standard, enforced approach, coupled with a multitude of software tools and manual processes for managing privileged accounts, makes the business susceptible to hackers, and exposes corporate data to possible breach.
Prevention of both breaches and insider attacks has become a major driver for the adoption of PAM solutions. According to a recent Gartner “Market Guide for Privileged Access Management” report, “adoption of PAM products by organisations is often partial, leaving gaps that translate to risk.” It notes that “prevention of both breaches and insider attacks has become a major driver for the adoption of privileged access management (PAM) solutions, in addition to compliance and operational efficiency. And by 2017, more stringent regulations around control of privileged access will lead to a rise of 40% in fines and penalties imposed by regulatory bodies on organisations with deficient PAM controls that have been breached.”1
Dell offers best practices for securing privileged accounts and alleviating risk to the business
A successful privileged account management strategy should take an integrated approach to addressing PAM challenges. Dell offers the following best practices for implementing an automated, controlled approach to privileged access management that secures the business today and alleviates risk:
1. Take an inventory of the organisation’s privileged accounts, including users, and the systems that use them.
2. Ensure that privileged passwords are stored securely, and enforce strict requirements for access request and change management processes for privileged passwords.
3. Whenever possible, ensure individual accountability and least-privileged access.
4. Log and/or monitor all privileged access.
5. Audit use of privileged access on a regular basis.
