Enterprises wasting millions updating privileged passwords

By on
Enterprises wasting millions updating privileged passwords

Typical enterprise spends more than US$500,000 each year, research claims.

The costs associated with the manual updating of privileged passwords are becoming "astronomical", according to new research from security firm Cyber-Ark and industry analyst IDC.

The companies estimate that the typical enterprise spends more than US$500,000 a year simply maintaining and updating privileged passwords.

Privileged passwords are the non-personal, shared and administrative passwords that exist in virtually every device or software application in an enterprise.

Cyber-Ark claimed that companies are unknowingly losing millions of dollars annually on outages, labour-intensive work, legal liability and audit deficiencies related to mismanaged privileged passwords.

Unchecked privileged passwords can be an unmitigated security threat for an organisation, but the research uncovered a general lack of strict policies for creating and varying privileged passwords which could help prevent breaches.

Further complicating the issue is that many, if not most, privileged passwords are generic in nature and lack the personalisation necessary for tracking and auditing.

In fact, most organisations have more privileged user passwords than personal passwords, the researchers said.

"Our research shows that managing privileged passwords is a security conundrum," said Sally Hudson, research manager for IDC's Security Services and Identity Management Products programme, and author of the report.

"IDC believes that the risk can be significantly mitigated by implementing policies which demand special treatment for privileged passwords.

"These include the ability to disable an employee's system access promptly on employee termination, enforcing a company-wide password change on a regular basis and implementing reliable auditing and reporting systems."
Got a news tip for our journalists? Share it with us anonymously here.
Copyright ©v3.co.uk
Tags:
enterprisesmillionspasswordsprivilegedsecurityupdatingwasting

Sponsored Whitepapers

Planning before the breach: You can’t protect what you can’t see
Planning before the breach: You can’t protect what you can’t see
Beyond FTP: Securing and Managing File Transfers
Beyond FTP: Securing and Managing File Transfers
NextGen Security Operations: A Roadmap for the Future
NextGen Security Operations: A Roadmap for the Future
Video: Watch Juniper talk about its Aston Martin partnership
Video: Watch Juniper talk about its Aston Martin partnership
Don’t pay the ransom: A three-step guide to ransomware protection
Don’t pay the ransom: A three-step guide to ransomware protection

Events

Most Read Articles

Kmart Australia stands up consent-as-a-service platform

Kmart Australia stands up consent-as-a-service platform
NSW digital driver's licences 'easily forgeable'

NSW digital driver's licences 'easily forgeable'
Kmart Australia re-platforms ecommerce site to AWS

Kmart Australia re-platforms ecommerce site to AWS
Westpac promotes its head of technology to mortgage role

Westpac promotes its head of technology to mortgage role

Digital Nation

COVER STORY: From cost control to customer fanatics, AI is transforming the contact centre
COVER STORY: From cost control to customer fanatics, AI is transforming the contact centre
Metaverse hype will transition into new business models by mid decade: Gartner
Metaverse hype will transition into new business models by mid decade: Gartner
The other ‘CTO’: The emerging role of the chief transformation officer
The other ‘CTO’: The emerging role of the chief transformation officer
As NFTs gain traction, businesses start taking early bets
As NFTs gain traction, businesses start taking early bets
Case Study: PlayHQ leverages graph technologies for sports administration
Case Study: PlayHQ leverages graph technologies for sports administration

Log In

  |  Forgot your password?