Businesses have not yet mastered the deployment of privileged access management. In the UK and the US, the improper management of privileged access leaves many businesses at risk of ransomware attacks, data breaches and other malicious attacks.
In a new report from Forcepoint, which involved more than 1000 workers, the situation is the same in both the public and private sectors. Forcepoint says that many employees can access sensitive data that they do not need to do their jobs well.
Even where employees needed privileged access in the past, it was not revoked once they were done with it.
The employees with privileged access sometimes got it for no apparent reason. Decisions like these can unknowingly pose a threat to the companies’ cybersecurity. The employees might also abuse their access to access materials that they should not have or make copies of sensitive data.
While some of them will access the data just because they are curious, others may be pressured or coerced or bribed by other companies, to share data. It would be a form of corporate espionage or sabotage, which is a crime.
However, with proper management of privileges, an enterprise can ensure that they are not at risk.
In order to understand these risks, Nick Popp, the Chief Product Officer at Forcepoint, says that the companies have to do more than look at logs or changes in configuration.
Incident-based security tools can result in multiple false positives. What the IT teams and security leaders need to do is correlate activity from more than one source, like trouble tickets, badge record, review keystrokes, archives, videos and UEBA tools.
But few businesses are leveraging the technology available to keep sensitive information safe.
Also read: What is privileged access management?