Do You Know Who Has Admin Rights?
Looking to a somewhat biased study, more than half of you don't.
According to a survey of 600 security pros, 68 percent of you don't.
While the survey was conducted by Viewfinity, a company that sells privilege management software, and its results could be seen as its way of pushing its products onto you, the results, nonetheless, are worth a look.
The study also found that 20 percent of respondents said that up to 30 percent of employees had admin rights on server machines. If indicative of the real world (reminder, this is a survey conducted to sell its products), that is a scary thought that the power to do so much harm is in the hands of so many.
"One of the most popular ways to infiltrate servers is to exploit administrative rights on endpoints and, through that path, get into a position that allows for an attack on the vital part of the enterprise infrastructure,”"said Leonid Shtilman, CEO at Viewfinity. "Companies wouldn't go without antivirus -- so why would they give administrative rights to users when there is a way for properly managing privileges without exposing the company to unnecessary security risks?"
So what say you? Do you keep tabs on who holds onto the digital skeleton key in your enterprise? Do you use any privilege management solutions? Send me your thoughts at firstname.lastname@example.org or leave a comment below.