Too many staff have privileged work accounts for no good reason, reckon IT bods

2020-09-28 09:07

Around 40 per cent of staff in British and American corporations have access to sensitive data that they don't need to complete their jobs, according to recent research.

In a survey commissioned by IT security firm Forcepoint of just under 900 IT professionals, 40 per cent of commercial sector respondents and 36 per cent working in the public sector said they had privileged access to sensitive data through work.

Carried out by the US Ponemon Institute, a research agency, the survey also found that about 23 per cent of IT pros across the board reckoned that privileged access to data and systems was handed out willy-nilly, or, as Forcepoint put it in a statement, "For no apparent reason".

Access management is a critical topic for IT security bods, especially as COVID-19-induced remote working introduces challenges for the monitoring of data access and intra-org flows.

More than half thought incident-based security tools yielded false positives as well as too much data "Than can be reviewed in a timely fashion", revealing that workers think gotta-log-em-all security tools may be more of an obstacle to finding and plugging system breaches - or malicious people exfiltrating valuable data.

News URL

https://go.theregister.com/feed/www.theregister.com/2020/09/28/research_user_privileges/