- Apathy - Specifically, among password practices, organizations believe that the threat level is highest for users sharing passwords with other users (79%). While organizations are generally well aware of the perils of sharing passwords, a relatively large number of respondents, 22%, report that bad password practices still persist.
- Greed – The practice of allowing users to run as administrators on their machines is recognized by study respondents as the highest threat level (71%) among privilege management malpractices. Although the risk is recognized, an astounding 38% of respondents report that it is still common for users to run as administrators on their machines, and 22% of respondents say this practice has caused downtime. Why are end-users still allowed to have administrator rights when it is a basic security hygiene to remove all excessive privileges?
- Pride - 18% of respondents claim that attacks that combine privileged access with the exploitation of an unpatched vulnerability are common. When combined with eliminating local administrator rights on end users’ machines, properly patching system vulnerabilities can close off most of today’s commonly reported attack vectors like ransomware. These threats thrive on system weaknesses and excessive access rights in order to move laterally.
- Ignorance - 68% of respondents consider least privilege on Unix/Linux an important PAM function. While 86% of respondents believe their Unix/Linux environments have the highest level of protection, 54% of respondents still run Sudo on at least one Unix/Linux server, and 39% still run it on workstations. Respondents report that Sudo shortcomings include that is time-consuming, complex, and lacks policy version control and synchronization making it a poor security practice.
- Envy - A surprising 37% of respondents report that they are not extending protection to SaaS applications and new cloud initiatives. Privileged access must be secured consistently across all resources and there is a form of envy that the cloud just does not need these initiatives; that is just not true.
- Privileged Password Management
- Discover, manage, audit, and monitor privileged accounts
- Endpoint Privilege Management
- Manage privileges on Windows, Mac, Linux, and Unix endpoints
Universal Privilege Management
Our innovative Universal Privilege Management approach secures every user, asset, and session across your entire enterprise.