New Research on Privileged Access Management Reveals the Status Quo Is Not Secure

October 11, 2019 at 9:00 am

Ponemon Institute is pleased to announce the release of a new study that presents four years of research on how elevated access to high-value information assets can be a serious risk to organizations when not properly secured. Sponsored by Sila Solutions Group, the 659 respondents we surveyed self-reported that they have privileged access to IT resources and 77 percent of these respondents have access to at least three IT resources with 40 percent holding privileged access to six or more IT resources.

The key takeaway from this research is that the status quo in privileged access management programs is not decreasing the risk to critical information resources. In fact, 56 percent of respondents expect privileged user abuse to increase in the next 12 to 24 months, a significant increase from 44 percent of respondents in the 2011 research. Following are problems organizations face when trying to mitigate the risk:

  • Employees or contractors often access sensitive or confidential data without a business need and sometimes share their access credential with others in the organization.
  • Organizations don’t have a unified view of privileged user access across the enterprise.
  • A lack of resources, in-house expertise and in-house technologies are challenges to improving the efficiency and security of access governance process. Specifically, organizations are struggling to keep pace with the number of access change requests and to reduce burdensome processes for business users requesting access.
  • Too much reliance on manual processes for granting privileged user access and reviewing and certifying privileged user access hinders organizations’ abilities to meet growing requests for access changes.

According to the research, business and IT leaders need to look beyond simple tool integration and a check-the-box mentality. To learn more about how to address the challenge of achieving a more secure privileged access management the full report is available for download.

Warmest regards,

Dr. Larry Ponemon