IT-Analysis.com

Organisations failing to close-off the risks of legacy Privileged Accounts
By: Bob Tarzey, Service Director, Quocirca
Published: 13th March 2012
Copyright Quocirca © 2012

If you are trying to compromise an organisation’s IT systems in some way, then you need to have access. Getting a given user’s login details is a starting point but might not get you that far, unless they are a user with privilege. Privileged users have much wider ranging access than 'normal' users, often far more than they need. Privileged user accounts are therefore of great interest to hackers.

A responsible system administrator (sys-admin) should at least have a strong password and keep it secret. However, it is clear from recent Quocirca research that there are likely to be plenty of privileged user accounts out there that are not even associated with active sys-admins, let alone responsible ones.

They fall into two categories:

  1. Default accounts supplied with software may be left in place; 58% of organisations confirmed that they did not have full control over the management of such accounts
  2. Accounts left in place when a privileged user leaves an organisation or moves to a position that no longer requires privileged access; 54% of organisations admitted they did not fully control the removal of such accounts

Default privileged user accounts can be searched for and closed down. Ensuring that privileges are removed from users who no longer need them can be controlled either by making the allocation of privileges an extension of standard identity and access management, or by granting all privileges on an 'as needed' basis for a limited period of time through the use of password vaults.
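A minimal audit covering both categories above, as an added example that is not from Quocirca's report: it flags enabled default accounts, accounts whose owner has left or moved to a role without admin duties, and time-limited grants that have expired. The account inventory, HR roster, field names and the short list of default names are constructed assumptions for illustration.

```python
from datetime import date

# Illustrative, not exhaustive: names commonly shipped as vendor defaults.
DEFAULT_NAMES = {"root", "admin", "administrator", "sa", "sys", "system"}

# Constructed sample data (hypothetical export formats).
HR_ROSTER = {  # employee id -> (status, role requires privileged access?)
    "e100": ("active", True),
    "e101": ("active", False),  # moved to a role with no admin duties
    "e102": ("left", False),
}
PRIV_ACCOUNTS = [  # one row per privileged account found on a system
    {"account": "sa", "system": "db01", "owner": None, "enabled": True, "expires": None},
    {"account": "jsmith-adm", "system": "ad", "owner": "e100", "enabled": True, "expires": None},
    {"account": "mjones-adm", "system": "ad", "owner": "e101", "enabled": True, "expires": None},
    {"account": "pkhan-adm", "system": "fw01", "owner": "e102", "enabled": True, "expires": None},
    {"account": "tlee-tmp", "system": "db01", "owner": "e100", "enabled": True,
     "expires": date(2012, 3, 1)},
    {"account": "root", "system": "web02", "owner": None, "enabled": False, "expires": None},
]

def audit(accounts, roster, today):
    """Return (account, system, reason) for each enabled privileged account to review."""
    findings = []
    for a in accounts:
        if not a["enabled"]:
            continue  # already closed down
        status, needs_priv = roster.get(a["owner"], ("unknown", False))
        if a["account"].lower() in DEFAULT_NAMES:
            reason = "default account still enabled"
        elif a["owner"] is None or status == "unknown":
            reason = "no accountable owner"
        elif status == "left":
            reason = "owner has left"
        elif not needs_priv:
            reason = "owner's role no longer requires privilege"
        elif a["expires"] and a["expires"] < today:
            reason = "time-limited grant expired"
        else:
            continue  # active owner, role needs it, grant still valid
        findings.append((a["account"], a["system"], reason))
    return findings

if __name__ == "__main__":
    for finding in audit(PRIV_ACCOUNTS, HR_ROSTER, date(2012, 3, 13)):
        print(*finding, sep="\t")
```

Running the audit on every joiner, mover and leaver event, rather than only periodically, is what ties privilege removal to standard identity and access management.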

This is not just an issue with regard to external hackers. Ask the French bank Société Générale: the rogue trader Jérôme Kerviel, who lost it €4.9 billion, perpetrated his fraud and covered his actions for a couple of years because the privileged user access he had been granted to carry out a previous IT administrator-related job had not been revoked when he moved to the trading floor.

To see the full research behind this and get a free copy of Quocirca’s report – “Conquering the sys-admin challenge” – go to http://www.osirium.com/alpha-files/wp

Published by: IT Analysis Communications Ltd.
T: +44 (0)190 888 0760 | F: +44 (0)190 888 0761