Thursday, October 20, 2011

More on privileged account (mis-)management

Check out this story I read on InformationWeek: Are Your IT Pros Abusing Admin Passwords?

Just goes to show you that this is a problem that is nearly endemic due to the fact that we have far too many passwords to remember - and that includes privileged account passwords.
  • 42% report that IT staff freely share passwords and access to multiple business systems and applications.
  • 25% of survey respondents said that at least some of the superuser passwords that grant all-access rights to hardware, applications, or databases were less complex than the business' end-user password policies required.
  • 48% of survey respondents reported that privileged account passwords at their business had remained unchanged for at least 90 days.
It's only getting worse with more and more cloud applications and services being used. What's going on with your admin passwords for, for example? What are you going to do about Office365? Exactly.

No comments: