Learn more now with one of these resources:

Local councils across Australia are struggling with managing privileged access.

Employees have admin rights on their computers beyond what they need. Password re-use is commonplace both at work and at home.

In addition, is the struggle of timely management of user accounts, including the retiring of non-active accounts or those of departed employees or updating the appropriate privileges of users, increasing cybersecurity risks for councils.

Privileged access is central to almost every security incident and breach today—from establishing an initial foothold, to lateral movement to escalating rights. According to Forrester, 80% of data breaches involve privileged accounts.

The Challenge

A recent report by the NSW Auditor General highlighted the common challenges faced by local councils when it comes to privileged access:

  • Over half of local councils did not monitor privileged accounts' activity logs.

  • More than a third of councils did not perform a periodic user access review to ensure users’ access to key IT systems are appropriate and commensurate with their roles and responsibilities.

Where robust access management processes are not in place, inappropriate access may exist, increasing the risk of unauthorised transaction or modification of sensitive data and transactions.

NSW Auditor General, Report on Local Government 2020

For councils looking to improve their privilege access management there are several steps that they can take, including:

  • Implementing Least Privilege

    Least privilege is the concept and practice of restricting access rights for users, accounts, and computing processes to only those resources absolutely required to perform routine, legitimate activities.
  • Deploying Endpoint Privilege Management

    Remove excessive end user privileges and control applications on Windows, Mac, Unix, Linux, and network devices without hindering end-user productivity.
  • Securing their remote access

    BeyondTrust's Secure Remote Access solutions enable organisations to apply least privilege and robust audit controls to all remote access required by employees, vendors, and service desks.
Prefers reduced motion setting detected. Animations will now be reduced as a result.