Why Securing Privileged Accounts Is a Must
Why Securing Privileged Accounts Is a Must
Organizations are aware of the need to properly manage and secure privileged accounts, but many fail to do so.
Awareness of Securing Privileged Credentials Growing
80% of respondents consider PAM a high priority. 60% indicate that PAM security is required to demonstrate compliance with government regulations.
Follow-through Is Lacking
Although aware of the need to secure privileged credentials, implementing security best practices is lacking. 20% of organizations have never changed their default passwords on privileged accounts, for example.
Password Sharing
30% of organizations allow accounts and passwords to be shared. 40% use the same security for privileged accounts as for standard accounts.
Approval and Auditing Are Lax
70% of organizations do not require approval for creating new privileged accounts. 50% of organizations do not audit privileged account activity.
Failure of Communication
30% of organizations have not communicated to their stakeholders the importance of following IT security policies.
Manual Methods Used for PAM
66% of organizations still rely on manual methods to manage privileged accounts. Only 10% have implemented an automated security vendor solution.
What You Can Do About It
To help secure privilege credentials throughout the enterprise, the report recommends that you: • Educate key stakeholders about the urgency and value of PAM security. You can take the survey yourself to see how your PAM practices compare with others and share the results. • Automate security management. There are affordable PAM solutions for any size organization.
More Recommendations
• Adopt and implement security policies to help ensure least privilege strategy for account access. Too many accounts have been granted broad and deep privileges, so explore using software tools to limit privileged account access without impacting user productivity. • Provide greater visibility in PAM for CISOs while demonstrating compliance with audits and policies affecting privileged account credential
