Enterprise Overconfidence in Privileged Access Management

Enterprise Overconfidence in Privileged Access Management

Today, privileged access management Centrify released the results of a new survey revealing mass overconfidence in preventing privileged access abuse.

Indeed, Centrify and TechVangelism discovered 79% of enterprises don’t have a mature PAM platform. However, a terrifying 93% express the belief they can handle threats to their privileged access, revealing the overconfidence.

In fact, Centrify and TechVangelism also found:

  • 52% of surveyed enterprises don’t use a password vault, a basic privileged identity capability.
  • 43% described their PAM platform as “nonexistent.”
  • 52% of enterprises don’t use multifactor authentication.

Tim Steinkopf, CEO of Centrify, shared his thoughts on these findings. “This survey indicates that there is still a long way to go for most organizations to protect their critical infrastructure and data with mature Privileged Access Management approaches based on Zero Trust.”

“We know that 74% of data breaches involve privileged access abuse, so the overconfidence these organizations exhibit in their ability to stop them from happening is concerning.”

Why Overconfidence in Privileged Access Management Can Prove Dangerous

Mr. Steinkopf’s statements highlight the danger in overconfidence in business-level privileged access management; hackers target your privileged users more than any other. After all, these credentials can access your enterprise finances, sensitive digital assets, and databases. Often, these accounts can actually remake or completely destroy your business processes or IT infrastructure if abused.

However, as evidenced by the above findings of unearned confidence in privileged access management, enterprises continue to neglect their superuser accounts. Previously, Centrify also discovered 26% of U.S. enterprises couldn’t even define privileged access.

More distressingly, enterprises express this kind of confidence while still engaging in some of the most blatantly unsafe identity security behaviors known. For example, many still use manual methods to manage their privileged identities. Others, as many as 65%, actual share their privileged access credentials.

Don’t let overconfidence define your identity and access management. It’s time to get next-gen. You can read the full survey here


Ben Canner