Restrictive Privileged Access Management Can Lead to Risky User Behaviors, According to SSH.COM

HELSINKI–([1])–SSH.COM[2] today announced the findings of a new survey, Re-Thinking Privileged Access Management in the Age of Hybrid Cloud[3], which reveal the risky behaviors that IT and application development professionals exhibit when organizations impose strict IT policies.

Polling 625 IT and application development professionals across the United States, United Kingdom, France, and Germany, the survey verified that hybrid IT is on the rise and shows no signs of slowing down. Fifty-six percent of respondents described their IT environment as hybrid cloud, an increase from 41 percent a year ago. On average, companies are actively using two cloud service vendors at a time.

While hybrid cloud offers a range of strategic benefits related to cost, performance, security, and productivity, it also introduces the challenge of managing more cloud access.

The survey found that cloud access solutions, including privileged access management software, slow down daily work for most respondents (71 percent). The biggest speed bumps were cited as configuring access (34 percent), repeatedly logging in and out (30 percent), and granting access to other users (29 percent).

These hurdles often drive users to seek risky workarounds, with more half (52 percent) of respondents claiming they would “definitely” or at least “consider” bypassing secure access controls if they were under pressure to meet a deadline. The majority of respondents (85 percent) also share account credentials with others out of convenience, even though most (70 percent) understand the risks of doing so. These risks are further exacerbated when considering that more than half (60 percent) of respondents use unsecure methods to store their credentials and passwords, including in email, in non-encrypted files or folders, and on paper.

“As businesses grow their cloud environments, secure access to the cloud will continue be paramount. But when access controls lead to a productivity trade-off, as this research has shown, IT admins and developers are likely to bypass security entirely, opening the organization up to even greater cyber risk,” said Jussi Mononen, chief commercial officer at SSH.COM. “For privileged access management to be effective, it needs to be fast and convenient, without adding operational obstacles. It needs to be effortless.”

In addition to exposing the risky behaviors of many IT and application development professionals when accessing the cloud, SSH.COM’s survey also revealed some unwitting security gaps in organizations’ access management policies. For example, more than 40 percent of respondents use public Internet networks – inherently less secure than private networks – to access internal IT resources. Third-party access was also found to be a risk point, with nearly a third (29 percent) of respondents stating that outside contractors are given permanent access credentials to the business’ IT environment. Permanent credentials are fundamentally risky as they provide widespread access beyond the task at hand, and can be forgotten, stolen, mismanaged, misconfigured, or lost.

Mononen continued, “When it comes to access management, simpler is safer. Methods like single sign-on can streamline the user experience significantly, by creating fewer logins and fewer entry points that reduce the forming of bad IT habits. There is also power in eliminating permanent access credentials entirely, using ephemeral certificates that unlock temporary ‘just-in-time’ access to IT resources, only for the time needed before access automatically expires. Ultimately, reducing the capacity for human error comes down to designing security solutions that put the user first and cut out unnecessary complexity.”

Download the full report here[4].

About SSH.COM

SSH.COM helps organizations access, secure and control their digital core – their critical data, applications and services. We have over 3,000 customers around the world, including 40 percent of Fortune 500 companies, many of the world’s largest financial institutions, and major organizations in all verticals. We are committed to helping our customers thrive in the cloud era with solutions that offer secure access with zero inertia, zero friction and zero credentials risk. SSH.COM sells online; through offices in North America, Europe and Asia; and through a global network of certified partners. The company’s shares (SSH1V) are quoted on the NASDAQ Helsinki. For more information, visit www.ssh.com[5].

References

  1. ^ (www.businesswire.com)
  2. ^ SSH.COM (cts.businesswire.com)
  3. ^ Re-Thinking Privileged Access Management in the Age of Hybrid Cloud (cts.businesswire.com)
  4. ^ here (cts.businesswire.com)
  5. ^ www.ssh.com (cts.businesswire.com)

Source URL: Read More
The public content above was dynamically discovered – by graded relevancy to this site’s keyword domain name. Such discovery was by systematic attempts to filter for “Creative Commons“ re-use licensing and/or by Press Release distributions. “Source URL” states the content’s owner and/or publisher. When possible, this site references the content above to generate its value-add, the dynamic sentimental analysis below, which allows us to research global sentiments across a multitude of topics related to this site’s specific keyword domain name. Additionally, when possible, this site references the content above to provide on-demand (multilingual) translations and/or to power its “Read Article to Me” feature, which reads the content aloud to visitors. Where applicable, this site also auto-generates a “References” section, which appends the content above by listing all mentioned links. Views expressed in the content above are solely those of the author(s). We do not endorse, offer to sell, promote, recommend, or, otherwise, make any statement about the content above. We reference the content above for your “reading” entertainment purposes only. Review “DMCA & Terms”, at the bottom of this site, for terms of your access and use as well as for applicable DMCA take-down request.

Acquire this Domain
You can acquire this site’s domain name! We have nurtured its online marketing value by systematically curating this site by the domain’s relevant keywords. Explore our content network – you can advertise on each or rent vs. buy the domain. Buy@TLDtraders.com | Skype: TLDtraders | +1 (475) BUY-NAME (289 – 6263). Thousands search by this site’s exact keyword domain name! Most are sent here because search engines often love the keyword. This domain can be your 24/7 lead generator! If you own it, you could capture a large amount of online traffic for your niche. Stop wasting money on ads. Instead, buy this domain to gain a long-term marketing asset. If you can’t afford to buy then you can rent the domain.

About Us
We are Internet Investors, Developers, and Franchisers – operating a content network of several thousand sites while federating 100+ eCommerce and SaaS startups. With our proprietary “inverted incubation” model, we leverage a portfolio of $100M in valued domains to impact online trends, traffic, and transactions. We use robotic process automation, machine learning, and other proprietary approaches to power our content network. Contact us to learn how we can help you with your online marketing and/or site maintenance.

Share