Sensible Access Right Management is the Key for Good Cyber Security!
The risk level of an organization’s cyber security, and the organization’s access right policy often go hand in hand. According to a survey conducted by Centero, there is a surprisingly large number of organizations where the access right management is not taken as seriously as it should be.
Centero conducted a survey with their customers, and the results showed that there lies a serious cyber security threat in the way organizations distribute elevated access rights. According to Centero’s survey, elevated access rights are used as follows:
- 52 % of organizations have elevated access rights on all workstation.
- 20 % of organizations have elevated access rights on some of the organization’s workstations.
Only 28 % of all the organizations in the survey didn’t have elevated access rights on their workstations!
Clarity for Access Right Policy
In today’s world, every organization needs to take into account the risks related to access rights. Sensitive data, covered by data protection laws, is handled on devices that can each end up leaking information or spreading malware.
When assessing the situation of your access rights, there are a couple of key questions you can start with:
- How does your organization give out admin rights?
- Are there permanent admin rights on all workstations within the domain, or do you give temporary admin rights to local ID’s when needed?
If your answer to one or both of these questions was “I don’t know”, you really should do something about your organization’s access right policy, and consider following a cyber-secure process for giving out admin rights.