At April’s Infosecurity Europe conference in London, we conducted a survey that revealed a troubling disparity between IT professionals' top security concerns and the best practices they have in place (or lack). The results shed light on the extent to which organizations allow employees full control over their desktops and servers without implementing adequate controls to defend against accidental or deliberate misuse of privileges.
Of the 500 surveyed participants, comprising IT security decision makers at the show, 41 percent cited rogue employees as the biggest threat to their organization. An additional 31 percent of respondents reported malware exploits and targeted cyber-attacks as their top threats, and 8 percent pointed to unauthorized software as most dangerous.
Despite these concerns, more than 30 percent of respondents admitted to having no policy in place for managing administrator access. This is especially problematic when you consider the power that privileged accounts carry in all three of these cited security concerns. Organizations are quickly learning that privileged users can very easily (and unwittingly) invite malware onto corporate systems, potentially resulting in massively expensive and excruciating data breaches. Plus, recent statistics have shown that admin rights are more likely to cause malware infection as a result of unauthorized application downloads onto corporate systems.
As the sophistication of malware continues to advance, and the current crop of anti-malware software repeatedly proves ineffective against targeted attacks, the best means of reducing vulnerability is a flexible approach to privilege management. A least privilege methodology, where admin rights are assigned to processes and applications as opposed to users or computers, is just as easy to roll out as signature-based AV protection, but with a defense-in-depth advantage that traditional solutions lack. Only when organizations realize this will they be able to resolve the core, underlying source of their top threat concerns and regain control of their corporate security posture.