Over 50 percent of IT companies admit to providing their employees with local administrative privileges on Windows computers, despite the associated security threats, according to new insight from global security software company, Avecto. Of the 504 IT and security professionals surveyed across North America, the UK and Europe, a quarter were unsure about which users within their organisation have been assigned local admin privileges.
According to results, UK and European businesses have slightly more control over admin rights, with 45 percent of businesses in the UK and 40 percent of European businesses admitting to the use of local admin privileges, compared to 70 percent in the US. However, managers across these regions are still not confident in their visibility over who has these privileges, with 29 percent of IT managers in the UK and 19 percent in Europe unsure about this.
"These findings show that many companies are still not putting appropriate measures in place to counter the threat of admin rights," said Andrew Avanessian, chief operating officer at Avecto. "This is such a big mistake, because unnecessary admin privileges increase the risk of sensitive and business-critical data being deleted or shared, even accidentally."
The perception many companies have is that it’s extremely difficult to remove admin rights and time consuming to maintain the resulting environment. According to a report by Gartner, “the common misconception is that a user with local admin rights can do little harm and that administrative actions taken at the endpoint are isolated to the endpoint itself. Neither assertion is true." Gartner, Inc., "Reduce Access to Windows Local Administrator with Endpoint Privilege Management," Lori Robinson, October 20, 2017.
Avanessian continued: "Many of 2017's most famous data breaches including WannaCry and NotPetya could have been mitigated if basic controls such as privilege management and application control were in place to stop the attack from launching and spreading. The right technology, which is often simple to implement, means organizations no longer need to compromise - you can ensure that employees have what they need to perform their role while safeguarding the business from attacks."
Gartner Research, Reduce Access to Windows Local Administrator With Endpoint Privilege Management, 20 October 2017