Privileged accounts risk security, ISO compliance
By Nicole Kobie,
IT departments need to keep an eye on their privileged users, as such accounts are the weak link in security, according to a new study.
The CA-commissioned survey of 270 firms found 41 per cent of firms claiming to be ISO27001 compliant actually break the rules, such as allowing privileged users to share their accounts.
In the UK, 47 per cent of firms are ISO compliant, but 30 per cent had never heard of standard regarding privileges and 56 per cent weren’t sure if admin accounts were being shared.
The study also found that a quarter of firms across Europe use time-consuming, error prone manual controls to manage their privileged users.
Indeed, the report showed IT managers aren’t very concerned with the issue, ranking malware, the internet, internal users and web 2.0 tools as more threatening security risks.
CA director of security solutions Simon Godfrey said the study’s results showed IT admins were overlooking such accounts as a security risk.
"While such access is necessary, it is most commonly managed on an ad hoc basis and, despite claims to pay heed to the requirements of regulators, requirements with regard to privileged users are often overlooked,” he said in a statement.
“It is in the best interests of individual IT managers, the IT department, and the overall business to have measures in place to control and monitor privileged users.”
You may also like...
Sponsored Links
advertisement
You may also like...
Latest Security Analysis & Insight
Do British police get cyber security?
Davey Winder listens to telephone conversations between the FBI and the Metropolitan Police, courtesy of Anonymous, and isn't impressed.
- Who to trust after the VeriSign hack?
- Striving to solve the security skills crisis
- Would you employ a hacker or malware writer?
- Q&A: Raj Samani, CTO McAfee
- Erase and rewind: the EU and privacy
- My email address is [CENSORED]
- Is there such a thing as a secure tablet?
- 2011: The year in news
- BYOD: Old or new, good or bad?
Latest Security Reviews
Check Point 2210 Appliance review
Rating: 
advertisement
Most popular
- Ubuntu vs. Windows 7 on the business desktop
- York researchers heat storage to speed up data
- BlackBerry Bold 9790 review
- OneNote hits Google?s Android
- O2 trials Olympic-scale remote working
- Will someone rid me of these troublesome Macs?
- Lenovo beats expectations again
- Who to trust after the VeriSign hack?
- Google to promise fairness after Motorola buy
- Report: Google cloud storage coming soon
Latest News Videos in Security
IT PRO Podcast: Are UK data protection laws flawed?
PlayWe bring in two experts to talk about the problems with UK data protection law and the way it is managed.
Register for IT PRO
You'll get exclusive member benefits including free whitepapers, downloads, Webinars and weekly newsletters full of the latest IT PRO news, reviews, insight and expertise.
