Survey: Asia IT pros need to improve admin account management

More than one-third of Asia Pacific IT executives have no idea how long it takes to discover attacks of their privileged accounts, said security firm Cyber-Ark Software recently when releasing results of a survey.

Privileged accounts are powerful administrator accounts within the IT infrastructure, which includes default and hardcoded passwords and application accounts. These accounts often provide access to the enterprises' core IT infrastructure or sensitive corporate data.

The study surveyed 989 IT executives across the world earlier this year, with 200 of them from the Asia Pacific region. While 25% of the regional IT leaders indicate they could detect attack on privileged accounts within hours or minutes, 37% stated they don't know how long it'd take.

"These privileged accounts are often targets of the cyber attackers because of the information they could access," said Cyber-Ark CEO Udi Mokady. "But if enterprises don't monitor activities of these accounts, it's not surprised that they don't know when these accounts are being compromised."

The study also indicates more than half (52%) of the Asia IT executives believe cyber attackers -- including phishing and malware -- is currently in the network or breached the network in the past year.

Integration creates vulnerability

Despite a high level of cyberattacks and the criticality of these privileged accounts, enterprises still share passwords among employees within the IT team. Mokady said that some enterprises even share the IT infrastructure administrator accounts information with their outsourcing providers. To enable integration across multiple databases and applications, password to access the database is often embedded into the code.

"This is often necessary and it's part of the process," Dan Dinnar, vice president sales Asia Pacific noted. "If passwords are changed, enterprises need to re-code the applications, so often these passwords remain unchanged for decades."

Aiming to manage privilege accounts and monitor activities related to each of them, Cyber-Ark provides a management platform, which creates a personalized account for each person -- both IT staff and outsourcing providers' employees--to monitor their access and activities in using these privileged accounts.

He added that some outsourcing and cloud providers are also using their products to raise the security level and monitor capability for their customers. But in Asia, Mokady said most of the interest's from enterprises.

He said organizations focused their security investment on the perimeter in the past few years, but awareness of internal attacks is raised again with the Snowden incident.

"More enterprises and organizations are realizing there could be a Snowden within their own company," Mokady said. "That person could be accessing the enterprises most critical data one day, but using the administrator accounts for malicious activities on the other."

Join the CSO newsletter!

Error: Please check your email address.

Tags business issuesCyber-Ark Softwarepersonnelsecurity

Show Comments

Featured Whitepapers

Editor's Recommendations

Solution Centres

Stories by Sheila Lam

Latest Videos

  • 150x50

    CSO Webinar: Will your data protection strategy be enough when disaster strikes?

    Speakers: - Paul O’Connor, Engagement leader - Performance Audit Group, Victorian Auditor-General’s Office (VAGO) - Nigel Phair, Managing Director, Centre for Internet Safety - Joshua Stenhouse, Technical Evangelist, Zerto - Anthony Caruana, CSO MC & Moderator

    Play Video

  • 150x50

    CSO Webinar: The Human Factor - Your people are your biggest security weakness

    ​Speakers: David Lacey, Researcher and former CISO Royal Mail David Turner - Global Risk Management Expert Mark Guntrip - Group Manager, Email Protection, Proofpoint

    Play Video

  • 150x50

    CSO Webinar: Current ransomware defences are failing – but machine learning can drive a more proactive solution

    Speakers • Ty Miller, Director, Threat Intelligence • Mark Gregory, Leader, Network Engineering Research Group, RMIT • Jeff Lanza, Retired FBI Agent (USA) • Andy Solterbeck, VP Asia Pacific, Cylance • David Braue, CSO MC/Moderator What to expect: ​Hear from industry experts on the local and global ransomware threat landscape. Explore a new approach to dealing with ransomware using machine-learning techniques and by thinking about the problem in a fundamentally different way. Apply techniques for gathering insight into ransomware behaviour and find out what elements must go into a truly effective ransomware defence. Get a first-hand look at how ransomware actually works in practice, and how machine-learning techniques can pick up on its activities long before your employees do.

    Play Video

  • 150x50

    CSO Webinar: Get real about metadata to avoid a false sense of security

    Speakers: • Anthony Caruana – CSO MC and moderator • Ian Farquhar, Worldwide Virtual Security Team Lead, Gigamon • John Lindsay, Former CTO, iiNet • Skeeve Stevens, Futurist, Future Sumo • David Vaile - Vice chair of APF, Co-Convenor of the Cyberspace Law And Policy Community, UNSW Law Faculty This webinar covers: - A 101 on metadata - what it is and how to use it - Insight into a typical attack, what happens and what we would find when looking into the metadata - How to collect metadata, use this to detect attacks and get greater insight into how you can use this to protect your organisation - Learn how much raw data and metadata to retain and how long for - Get a reality check on how you're using your metadata and if this is enough to secure your organisation

    Play Video

  • 150x50

    CSO Webinar: How banking trojans work and how you can stop them

    CSO Webinar: How banking trojans work and how you can stop them Featuring: • John Baird, Director of Global Technology Production, Deutsche Bank • Samantha Macleod, GM Cyber Security, ME Bank • Sherrod DeGrippo, Director of Emerging Threats, Proofpoint (USA)

    Play Video

More videos

Blog Posts

Market Place