How to get your IT network under control

Published on 18 May 2018

According to the UK government’s Cyber Security Breaches Survey 2018, almost half of businesses in the UK have suffered a cyber attack or security breach in the last year. It’s a number that’s likely to rise, given that our own research showed 4 in 5 companies were hit by a breach in 2017.

It’s abundantly clear that cyber attacks are on the rise, and that hackers are becoming more sophisticated (and successful) in their attempts to gain access to sensitive systems and data. But it’s also true that one of the biggest weak spots in the majority of organizations is their own network users – in particular, their privileged account holders.

Our latest research report, IT out of control, reveals that the number of privileged users within an organization is on the rise:

  • 71% of businesses say the number of privileged accounts grew in the last year
  • 70% of businesses expect the number of accounts to grow again this year

In our recent blog, Is a privileged user ‘privileged’ anymore?, we took a closer look at how the privileged few seems to have become the privileged many. Indeed, it’s thought that in 61% of organizations, the number of privileged accounts is too high in relation to the number of people who work in IT, making it difficult for IT teams to monitor their network’s privileged users effectively. This is how weak spots come about – and how security breaches happen.

In this kind of landscape, with both cyber attacks and privileged users proliferating simultaneously – and with the GDPR re-framing our relationship with data security – now’s the time for IT teams to get better control of their networks.

Below are five steps businesses can take to make that happen:

  1. Get to know your security breaches

It’s common knowledge that security breaches are on the rise. Our research shows that over two-thirds (68%) of businesses expect to experience some kind of breach in 2018. But to what extent do businesses really understand the ins and outs of the security breaches that are happening on their own networks? Can they identify the source of the breach – and do they even know if and when they have happened?

Without that detailed knowledge, organizations are leaving their networks extremely vulnerable. After all, if you don’t know the details of the cyber attacks that have happened to you, how can you begin to detect and prevent them in the future? Making sure you build a fuller picture of the security breaches that happen in your own business is the first step towards getting your IT network under control.

  1. Understand the extent of the privilege threat

The number of privileged users is rising – that much is clear. Nearly two-thirds of the businesses we surveyed admit to having too many privileged accounts on their network, but what’s even more significant is the fact that only 41% of an organization’s privileged accounts are assigned to permanent employees. The rest are granted to third parties, partners or contractors, which makes the job of monitoring those accounts trickier still.

Understanding the extent of this threat, and the likelihood of a data security breach being linked to a privileged account, is a crucial step on the road to better IT security.

  1. Control your privileged user pool

One of the most alarming findings in our It Out of Control report was that two-thirds of businesses say that former employees could feasibly retain privileged credentials. It’s perhaps the starkest reminder yet that many IT networks are extremely vulnerable and need to be brought under better control. To achieve this, IT teams must be equipped with tools and systems that will enable them to account for all privileged users – whether they’re employees, third parties or contractors – along with what they have access to and why they need it. The same applies to any devices authorized to access their network. On top of that, processes must begin to be enforced around who can grant privileged access.

  1. Educate your employees

Having the tools and systems in place to help manage privileged users more effectively does not guarantee better security. In our research, 80% of businesses went as far as saying that employee education is more important than technology in the cyber security fight-back. Which is why regular company-wide training and up-to-date IT security policies are essential to getting your IT network under control.

  1. Invest in a PAM solution

 The good news is that all of the above is achievable with Privileged Access Management (PAM), a solution that means the proliferation of privileged accounts no longer needs to present a significant threat to network security. Though according to the findings in our Known Unknowns of Cyber Security report, only 32% of businesses are considering investing in a PAM solution in the next year.

PAM tools go beyond password-based authentication, enabling you to monitor user sessions in real time. By using behavioral biometrics to learn privileged user behaviors and flag actions that sit outside the ‘norm’, your business is effectively protected against privileged access misuse. With this level of unprecedented control, you can stop hacks before they happen.

To find out more, read the full IT Out of Control report.

by Balabit

Balabit, a One Identity business, is a leading provider of Privileged Access Management (PAM) and Log Management solutions. Founded in 2000, Balabit has a proven track record of helping businesses reduce the risk of data breaches associated with privileged accounts.

share this article
Mitigate against privileged account risks
Get in touch

Recent Resources

The top IT Security trends to watch out for in 2018

With 2017 now done and dusted, it’s time to think ...

The key takeaways from 2017’s biggest breaches

Like many years before it, 2017 has seen a large ...

Why is IT Security winning battles, but losing the war…?

This is a guest post by Adrian Asher, CISO at London ...

“The [Balabit] solution’s strongest points are the privileged session management, recording and search, and applying policy filters to apps and commands typed by administrators on monitored sessions.”

– The Forrester Wave, Privileged Identity Management, Q3 2016, by Andras Cser