Insider and third-party access are growing security threats facing organizations and enterprise IT systems, according to Bomgar.
Proliferation of security issues
Despite rising awareness of the threats posed by users with privileged access permissions, most organizations still allow a myriad of internal and external parties to access their most valuable systems and data. Many are placing trust in both employees and third parties without a proven means of managing, controlling, and monitoring the access that these individuals, teams and organizations have to critical systems and networks.
Insiders and third parties
Respondents outlined two primary, yet distinct threats: insiders and third parties. Insiders are classified as employees or people acting as an employee for the business, including freelancers or on-premises contractors, while third parties are defined as external vendors or suppliers granted access to business systems, including outsourcers.
90 percent of security professionals trust employees with privileged access most of the time, but only 41 percent trust these insiders completely. Despite placing a lot of trust in employees by granting them privileged access, security professionals are paradoxically aware of the numerous risks that these individuals pose to the business.
While most were not primarily worried about breaches of malicious intent, they were concerned that a breach was possible due to employees unintentionally mishandling sensitive data, or that employee’s administrative access or privileged credentials could easily be phished by cyber criminals. Yet, businesses are still falling behind with only 37 percent of respondents having complete visibility into which employees have privileged access, and 33 percent believing former employees could still have corporate network access.
Most employees are not malicious
Generally, employees want to be productive and responsible at work, suggesting that most employees are not malicious, but rather skirt security best practices to speed up productivity. This is driving the need for access solutions that prioritize both productivity and usability, without sacrificing security, that can be seamlessly integrated into applications and processes that employees already use.
“It only takes one employee to leave an organization vulnerable,” said Matt Dircks, Bomgar CEO. “With the continuation of high-profile data breaches, many of which were caused by compromised privileged access and credentials, it’s crucial that organizations control, manage, and monitor privileged access to their networks to mitigate that risk. The findings of this report tell us that many companies can’t adequately manage the risk related to privileged access. Insider breaches, whether malicious or unintentional, have the potential to go undetected for weeks, months, or even years – causing devastating damage to a company.”
Data breaches through third-party access
The report also uncovered that data breaches through third-party access are widespread. External suppliers continue to be an integral part of how most organizations do business. On average, 181 vendors are granted access a company’s network in any single week, more than double the number from 2016. In fact, 81 percent of companies have seen an increase in third-party vendors in the last two years, compared to 75 percent the previous year.
With so many third-parties granted access to an organization’s systems, perhaps it’s no surprise that more than two thirds (67 percent) have already experienced a data breach was ‘definitely’ (35 percent) or ‘possibly’ (34 percent) linked to a third-party vendor. While 66 percent of security professionals admit that they trust third-party vendors too much, action has not followed this recognition.
Processes to control and manage privileged access for vendors remains lax, as evidenced by only 34 percent of respondents being totally confident that they can track vendor log-ins, and not many more (37 percent) confident that they can track the number of vendors accessing their internal systems.
“As with insiders, third-party privileged access presents a multitude of risks to network security. Security professionals must balance the business needs of those accessing their systems – whether insiders or third-parties – with security,” added Dircks. “As the vendor ecosystem grows, the function of managing privileged access for vendors will need to be better managed through technology and processes that provide visibility into who is accessing company networks, and when, without slowing down business processes.”