To increase operational efficiency, organization has to focus on employee management and security level. In this direction, a new technology called privileged identity management (PIM) and privileged activity monitoring (PAM). Recently, BalaBit IT Security conducted a survey with interviewing more than 400 IT professionals.

The company is a global leader in information security, developing privileged activity monitoring, trusted logging, and proxy based gateway technology to help customers against external and internal threats.

The survey was accomplished between September 2013 and January 2014. The IT professionals included system managers, system administrators, and IT workers, CIOs, CSOs were from Europe, UK, Germany, Hungary, and France. Out of these IT professionals, 44% respondents belonged to large organizations, while 34% and 22% belonged to middle size and small size organizations. The respondents represented different sectors like:

  • 38% from IT and Telecom
  • 26% Government
  • 16% Financial
  • 7% Retail
  • 5% Manufacturer
  • 3% Healthcare

Survey Findings:

By showing the importance of monitoring of privileged users, the respondent have to rank the reasons from most important to the least important. Out of total respondents, 98% respondents said that PAM (privileged activity monitoring) could enhance the level of protection of system security. While 16% said, they have no solution deployed against potential insider threats. The top 10 questions were ranked by respondents are as follows.

  • 60% considered “Detect/track suspicious user behavior and prevent incidents” the most important factor.
  • 46% considered Control and audit IT service providers as the second most important factor.
  • 42% considered Control and audit internal IT staff as the third most important factor.
  • 40% ranked “Support IT/network staff in troubleshooting” factor on fourth position.
  • 32% ranked “Support internal business processes (i.e., reporting)” factor on fifth position.
  • 28% ranked “Meet/prove compliance with regulatory requirements” factor on sixth position.
  • 27%ranked “Control and audit virtual desktop infrastructure (VDI) users” factor on seventh position.
  • 23% ranked “Reduce costs for IT operations” factor on eighth position.
  • 22% considered “Support forensics investigations” factor on ninth position.
  • 22% considered “Reduce costs for security audits” factor on tenth position.

TechnoCR

Zoltán Györkő, CEO of BalaBit IT Security said that many decision makers ignore the human factor and consider only virtual and physical infrastructure. The firewall protection seems to be ineffective against Advanced Persistent Threats (APT) or internal attacks.

Additional findings: The survey also shed a light on protection of IT assets and found the following responses.

  • 63% respondents said they use Firewall/IDS/IPS. Out of which 37% showed interest in Firewall protection for security IT assets.
  • 37% respondents use Identity password management.
  • 30 % apply Network Access Control (NAC).
  • 25% respondents use Activity Monitoring.
  • 16% companies have no protection solution.
  • 4% companies use other sources.

TechnoCR

Encrypted Protocol used by the companies:

The survey also focused on the usage of encrypted protocol used by major companies for administrative purpose. HTTPS stands alone with 62% from total respondent companies. While 33% companies still run their website on HTTP URL. While 23%, use Telnet protocol.

technocr

At the conclusion, it is advisable to follow enough security parameters strictly. There should be restriction for employees’ personal devices (BYOD) as it can be hazardous for organization in the absence of proper security policy.

Sara Wright

Sara Wright

Internet Marketing Expert at ClickSSL
Sara Wright works at ClickSSL since 4 years and during these years; she writes so many articles on web security awareness, threat analysis, and cyber crime and completely devoted to online marketing efforts. She also wants people and different organizations to bring their attention to evolving cyber security problems and for that she is actively participates in different security programs and spread her knowledge through different blogs, websites, social media platforms, etc.
Sara Wright

@saraw0

Prevention is better than Repentance. #infosec #security #Malware #news #mobilesecurity
8 ways Governments can improve their #Cybersecurity https://t.co/AlH7vlIzMj https://t.co/eP8uWijpHS - 1 day ago
Sara Wright

Latest posts by Sara Wright (see all)