As a business owner in the digital age, you and your employees most likely use some kind of computer software in your day-to-day operations. If you're not keeping track of which employees have administrator access to your programs, you could be setting yourself up for a big-time security breach.
Software privilege management company Avecto recently surveyed more than 500 information security professionals to determine the greatest threats to organizations. According to their results, 41 percent of those surveyed named rogue employees as the biggest security threat .
And while granting employee access to software is often necessary for them to do their jobs, issues arise when they are given full administrator privileges that should only belong to a select few.
"Over 30 percent of respondents admit to having no policy in place for managing administrator access. This is particularly problematic, considering the rise in security incidents caused by rogue employees with administrator rights , such as damaging data leakage and reputational risk," according to Avecto.
It's disconcerting to think that you might not be able to trust all of your employees with sensitive company information, but Avecto co-founder and CEO Mark Austin said it's not only ill-willed employees who can put your company at risk.
"The most common threat comes from employees who download and install unauthorized software without understanding the potential risks associated with their actions,” Austin said.
Two such potential risks are malware exploits and targeted cyberattacks, which were cited by 31 percent of survey respondents as major security threats. When employees with administrator access download unauthorized applications, they open their corporate system up to highly sophisticated malware that specifically seek out privileged accounts.
"Users logging on with full administrator rights will continue to put organizations at real risk of infection," Austin said. "Unfortunately, organizations are still allowing administrator rights to go unmanaged, whether knowingly or unwittingly. This is a significant problem, particularly as the current crop of anti-malware software is repeatedly proving to be deficient in the fight against cybercrime."