Is a privileged user ‘privileged’ anymore?

Published on 27 March 2018

71% of organizations say the number of privileged accounts is growing, which doesn’t bode particularly well for cyber security. The more privileged users a business has, the more at risk it is of cyber-attacks associated with those accounts.

Businesses seem to be pretty self-aware about this, though, with over half admitting that the number of privileged users in their IT environments is probably too high in relation to the number of people in the IT team.

So they know they need to get better at locking the door. And yet they’re still not very good at managing who has the keys.

Outsider access

In our latest research report, The Known Unknowns of Cyber Security, Balabit has uncovered that 59% of privileged accounts are actually granted to people who sit outside of the immediate organization. That could be a third-party vendor, reseller, partner or contractor.

It’s alarming to see that privileged credentials are voluntarily granted to so many external account holders. That being the case, it is little wonder that so many businesses seem to be struggling to monitor who has access, where and when. It also explains why so many cyberattacks continue to be linked to privileged access.

With the numbers of privileged users rising and accounts scattered across people in different locations, both inside and outside the organization, IT teams need a better way of being able to monitor what’s happening in their IT environment.

The ‘privilege’ to IT ratio

Rising privileged numbers mean it’s increasingly difficult for IT teams to keep tabs on all the goings-on across associated accounts in their network (especially when these are granted to people who don’t even sit within the organization). This is particularly true of SMEs, who are often light on resource, but also true for many large enterprises, who have high volumes of privileged accounts and busy IT teams spinning too many plates.

In fact, 61% of the IT professionals we surveyed said that the number of privileged accounts is too high in relation to the number of people who work in the IT team. This shows they’re aware of the problem, but need help resolving its knock-on effects and the ongoing risk it poses to security.

Reducing the number of privileged accounts isn’t necessarily the answer. IT teams simply need a better way of managing the privileged accounts on their networks. They need to have better sight of who has privileged access, where and when, and be able to manage it all from one central authorization point. Which is where privileged access management tools step in.

Privileged-only privilege

Perhaps one of the most telling findings in our research was this:

‘67% of businesses agree it’s quite possible that former employees could still retain credentials and gain access to the network.’

It should go without saying that former employees should not fall under the umbrella of privilege. If a business is not keeping on top of something as simple as shutting down employee credentials as soon as someone leaves the business, is it any wonder that cyberattacks, especially those that can be linked to employee privileges, are still so prevalent?

It’s not for want of trying that high-risk security lapses keep happening. Time-poor, over-stretched IT teams are not equipped with the tools they need to make sure privileged access means exactly that – for privileged users only.

If IT teams are to execute a less scattergun approach to cyber security, they need a simpler user-management portal that gives them absolute oversight of privileged accounts. Only then will privileged once again mean what it’s supposed to.

For more information on managing who has privileged account access, download The Known Unknowns of Cyber Security report.

by Balabit

Balabit, a One Identity business, is a leading provider of Privileged Access Management (PAM) and Log Management solutions. Founded in 2000, Balabit has a proven track record of helping businesses reduce the risk of data breaches associated with privileged accounts.
