Skip to main content

Over-permissioned staff members at the heart of many data incidents

security
(Image credit: Shutterstock / Song_about_summer)

If you want to make your enterprise more secure but are unsure where to begin, securing digital identities (opens in new tab) may be a good jumping off point. A new report from security firm SailPoint says digital identities are one of the weakest links in the cybersecurity chain.

The report states that three quarters of all compromises that occurred in the last year came about as a result of over-entitled and over-permissioned access.

The company polled 262 technology professionals for the report, 40 percent of which serve as IT managers and directors, and almost a third as security managers and directors. All respondents said they had experienced a data breach in the last year, with almost a third stating that a million or more digital identities were compromised.

In almost three quarters of incidents, compromised identities led to unauthorized access to data on employees, partners, and contractors.

Perhaps one of the areas for fastest improvement would be to better manage inactive and outdated accounts. Two thirds of the report’s respondents said inactive accounts were compromised.

“We make it too easy for attackers when identities are left active months after the users have departed the organization or when an identity has far more privilege than is needed to get the job done,” said Grady Summers, EVP of Product at SailPoint. “I found the survey results fascinating because they clearly show how organizations can limit the blast radius of an attack by focusing on identity security."

Sead Fadilpašić is a freelance tech writer and journalist with more than 17 years experience writing technology-focussed news, blogs, whitepapers, reviews, and ebooks. And his work has featured in online media outlets from all over the world, including Al Jazeera Balkans (where he was a Multimedia Journalist), Crypto News, TechRadar Pro, and IT Pro Portal, where he has written news and features for over five years. Sead's experience also includes writing for inbound marketing, where he creates technology-based content for clients from London to Singapore. Sead is a HubSpot-certified content creator.