While IT professionals recognize the dangers that unauthorized applications cause to their networks, most are letting these dangers go unnoticed, according to a survey by Avecto.
The study, conducted across TechEd North America and TechEd Europe attendees, surveyed more than 1,500 IT professionals, many of whom hold decision-making and purchasing power in a wide array of work environments, vertical sectors, and job functions.
The survey unearthed the extent to which unfettered, unmanaged and infected applications can potentially sneak onto networks, wreaking havoc before being noticed.
Seventy-six percent of those surveyed said they don’t know how many unauthorized applications have been downloaded on their networks. This disconnect suggests that organizations will continue to invite infection to their networks if they provide excessive administrator rights to users.
This is especially problematic with younger workers increasingly demanding elevated rights on corporate PCs.
Among the survey’s notable findings:
- More than one-third of respondents had first-hand experience with the dangers of elevated admin rights, with nearly 40% reporting a network infection as a result of at least one unauthorized application being downloaded on their network.
- 80% of those surveyed pointed to male employees, between the ages of 20 to 35-years-old, as the most likely to demand elevated rights. When considered in parallel with other trends blurring boundaries at work, such as BYOD, a troubling trend emerges in which younger workers have potentially dangerous expectations regarding technology and the workplace.
- IT professionals are largely aware of the benefits of removing admin rights, as more than 50% of respondents would expect a decrease in support calls, and affiliated costs, as a direct result of removing admin rights. Yet, many feel mounting pressure from younger, tech-savvy employees for full administrator rights.
“Staff who have admin rights can unwittingly or irresponsibly download applications that contain malware and cause significant problems if entered into the corporate network,” says Paul Kenyon, Avecto co-founder and Chief Operating Officer. “The answer is simple – don’t give admin rights out to everyone, only to the few key IT administrators who really need them. You will see an immediate decrease in security risk and associated downtime as well as an increase in productivity from IT.”
Windows desktops that run with full administrator rights will continue to put organizations at real risk of infection as the sophistication of privilege escalation malware continues to evolve. Once malware gains access to administrator rights, it will continue to burrow deeper into the organization’s infrastructure.