infoTECH Feature
Survey Finds Many Companies Unaware of Security Risks
By A significant number of the IT administrators surveyed in a recent poll said their companies don’t have a clear understanding of the security risks they face.
The survey, conducted by risk assurance company Courion, found that 33 percent of the IT decision makers admitted that their employers don’t have an accurate assessment of internal or external risks. Courion (News - Alert) pointed to two reasons for this lack of awareness.
First, 23 percent of the companies highlighted in the survey don’t have a formal IT risk management program in place. Second, many of the businesses don’t regularly review user access rights to corporate data.
More than 90 percent of the IT admins polled said that reviewing user access to data is a key aspect of their risk management plans. But 60 percent said they review user access only once a year or even less. And 45 percent said they don’t regularly examine user access to high-risk data. According to Courion, this lack of regular security reviews can lead to excessive user rights and unwanted access by privileged users.
Further, businesses that do conduct user access reviews invariably find some holes.
Almost half (48 percent) of the companies surveyed uncovered excessive user rights to data. Thirty-nine percent found inappropriate access by privileged users. And 56 percent said they discovered situations in which access was still in place for an employer’s previous job.
As always, the company doing the survey has a vested interest in the results since Courion sells risk assessment and assurance services. But the results should still ring an alarm bell for IT professionals.
Sometimes it’s easy for security to take a backseat to other day-to-day problems and priorities. But with the threats facing business today, that approach does put critical data in jeopardy. It’s important for IT administrators to keep security at the forefront and make sure they’re conducting regular security checks to keep their businesses and data protected.
Lance Whitney is a journalist, IT consultant, and Web Developer with almost 20 years of experience in the IT world. To read more of Lance's articles, please visit his columnist page
Edited by Jennifer Russell
|
|
FOLLOW US |  |
 |
 |
infoTECH Headlines
Assyst10- A Pragmatic Approach to Management Needs
MSP Magnicom Helps Atlanta-Area Property Management Firm with IT Woes
Apacer Debuts Ivy Bridge Compatible Low-power High-speed DDR3-1600 1.35V SoDIMM
Maxthon Pushes for Improvement in Web Privacy at W3C
Implant Sciences' Issued Patent for Improving Trace Detection Technology
The NCR Express Key: Welcome to the New Self-Service Revolution
SFL Data Enables Early Case Assessment via Intelligent Case Assessment Workflow for Relativity
Peterson Partners Announces $3.5M Investment in CLEO Communications
NextIO Completes Series F Financing with $12.3 Million
Wind River Maintains Leadership in Traditional RTOS Market
Rich Tehrani
Rich Tehrani
Rich Tehrani
infoTECH Whitepapers
Reducing the Cost and Complexity of Web Vulnerability Management
Protecting Against Web Application Threats Using SSL – Chapter 1: How SSL Certificates Can Protect Online Business and Maintain Customer Trust
Protecting Against Web Application Threats Using SSL – Chapter 1: Combined Risk of Data Loss and Loss of Customer Trust
A Prescription for Privacy: What You Need To Know About Security Requirements for Electronic Health Records
Securing Microsoft Exchange 2010
Choosing a Cloud Hosting Provider with Confidence: VeriSign SSL Certificates Provide a Secure Bridge to Trusted Cloud Hosting Providers
Protecting Users From Firesheep and other Sidejacking Attacks with SSL
Best Practices and Applications of TLS/SSL
Security and Trust: The Backbone of Doing Business Over the Internet
Proof Positive - Extended Validation SSL Increases Online Sales and Transactions
