State of the Corporate Perimeter Survey
In 2015, Centrify corporation surveyed more than 400 IT decision makers (ITDMs) in the US and UK to find out one thing: are corporations as secure as they should be? Major breaches like Sony and the Office of Personnel Management make headlines but how much are hackers costing organizations that don't make the front page?
Centrify's hypothesis was that protecting identity is at the heart of protecting data. Survey results support this claim and more.
Sharing Access Credentials
of US ITDMs report sharing access credentials with other employees at least somewhat often. Another share access at least somewhat often with contractors. In the UK, the numbers are and respectively.
It's worth noting that if those shared credentials provide access to privileged accounts, hackers essentially receive the- elevated access to an organization's most critical data, applications, systems and network devices.
Former Employee Access
53% of US ITDMs say it would be at least somewhat easy for a former employee to still log in and access data. In the UK, the number is 32%. Half of ITDMs say it can take up to a week or more to remove access to sensitive systems.
These numbers underscore what is widely perceived as a growing gap in security, visibility and control over individual accounts, both privileged and otherwise.
Organizations are far more vulnerable than they care to admit
- 55% of US ITDMs said their organizations had been breached in the past
- 44% of US companies had breaches that together cost millions of dollars
- 45% of UK ITDMs said their organizations had been breached in the past
- 35% of UK companies had breaches that together cost millions of dollars
Food for Thought
Notably, happy hours, birthdays and kitchen etiquette get more airplay than security in the workplace.
Separately, when we asked IT folks if they could break in anywhere and get away with it, they chose:
- The White House
- David Cameron's private email
- Bill Gates
- My bank
- Papa John's Pizza
But in all fairness, most respondents replied that they would never do such a thing.
Sounding the Alarm
IT managers are sounding the alarms to little avail.
48% of US & 30% of UK ITDMs have had to fight their organizations for stricter protocols
42% of US & 27% of UK ITDMs have lost the battle for stricter protocols
28% of US & 40% of UK ITDMs say security isn't getting enough attention