Mismanagement of privileged passwords costs enterprises millions

Cyber-Ark announced the release of new research into Privileged Passwords – the non-personal, shared and administrative passwords that exist in virtually every device or software application in an enterprise – which shows companies are unknowingly losing millions of dollars annually due to costly outages, labor-intensive work, legal liability and audit deficiencies related to mismanaged privileged passwords. To simply maintain and update privileged passwords, the report estimates the typical enterprise spends more than $500,000 each year.

These trends and statistics are summarized in a white paper by IDC and sponsored by Cyber-Ark entitled “Privileged Password Management: Combating the Insider Threat and Meeting Compliance Regulations for the Enterprise”. Alarming facts from the research include the following findings:

” Privileged passwords if unchecked can be an unmitigated security threat for an organization.
” Astronomical costs are associated with the manual updating of privileged passwords. The yearly cost of manually changing privileged passwords average $500,000+ for the typical Fortune 2000 company.
” There is a general lack of strict policies for creating and varying privileged passwords which would aid in the prevention of costly security breaches.
” Further complicating the issue is that many if not most privileged passwords are generic in nature and lack the personalization necessary for tracking and auditing purposes.
” Most organizations have more privileged user passwords than personal passwords.
” Most organizations today use the same password for many systems and devices. This creates a common security hole that can be exploited by external hackers.