Earlier this year, Bomgar released its 2017 Secure Access Threat Report, new research that revealed insider access to be a growing threat for organizations around the world. The survey or more than 600 IT and security professionals explores the visibility, control, and management that IT organizations in the U.S. and Europe have over employees, contractors and third-party vendors with privileged access to their IT networks.
For the majority of companies, suffering an information security breach is no longer a question of if, but when. Despite being aware of the threats, most organizations still allow a myriad of internal and external parties to access their most valuable systems and data, placing a lot of trust in employees and third-party vendors. Unfortunately, they also lack a robust system for managing, controlling, and monitoring the privileged access that these individuals, teams and organizations have.
Insider Access – the paradox of trust and risk
It’s a fundamental aspect of information security that certain employees and contractors must – by virtue of their function or role – be granted privileged access to, and rights within, corporate systems. This is a relationship built on trust, and most of the time employees with privileged access are deemed to trustworthy.
The report revealed that 90 percent of security professionals trust employees with privileged access most of the time, but only 41 percent trust these insiders completely. Despite placing a lot of trust in employees by granting them privileged access, security professionals are paradoxically aware of the numerous risks that these individuals pose to the business. While most were not primarily worried about breaches of malicious intent, they were concerned that a breach was possible due to employees unintentionally mishandling sensitive data, or that employee’s administrative access or privileged credentials could easily be phished by cyber criminals. Yet, businesses are still falling behind with only 37 percent of respondents having complete visibility into which employees have privileged access, and 33 percent believing former employees could still have corporate network access.
Another key finding from the report is that security solutions are hindering productivity. As a rule, employees want to be efficient at work and, when faced with security measures that appear to hinder productivity, immediately institute shortcuts without considering the risks. To address this, organizations must implement a security solution that can be seamlessly integrated into the applications and processes that employees already use.
So how can organizations mitigate these risks and better protect the access to their most critical systems, while not hindering productivity? Look no further than Bomgar Privileged Access. Our solutions enable security professionals to control, monitor, and manage access to critical systems by authorized employees, contractors, and third-party vendors. Bomgar’s unique, VPN-free approach allows companies to quickly gain control of privileged access to both traditional and web-based systems to protect against cyberattacks and meet compliance requirements without hindering productivity.
This month, Bomgar will be exhibiting and showcasing our secure access solutions at Black Hat, July 26 – 27, in Las Vegas. For more details on how to secure and control privileged access for insiders, download a free copy of the 2017 Secure Access Threat Report, and check out this webinar recording that explores the report’s findings.
Sam Elliott, Director of Security Product Management
At Bomgar, Sam is responsible for the product management group that is driving product strategy for Bomgar’s security products. He has more than a decade of information security, ITSM, and IT operations management experience. He also is a seasoned expert in the areas of cyber-security, data center discovery, systems configuration management, and ITSM. Sam has a Bachelor of Science from Florida State University and is certified in ITIL v3 and Pragmatic Marketing. He resides in Atlanta, GA with his family and can be found on twitter @samelliott.