Accessibility Links

Tuesday, November 19, 2013

73 Percent of IT Security Professionals Have Still Not Prioritized Uncontrolled Privileged Access

MANCHESTER, U.K., and Boston, MA

Survey reveals lack of attention to user privileges, despite major security concerns and continued growing threats caused by users and IT admins.

Threat of the Insider Infographic

The NSA's notorious insider breach has caused 52 percent of IT security professionals to reconsider their approach to user and systems administrator privileges, yet the majority aren't taking action, according to a survey released today by Avecto. Its findings reveal that organizations continue to lag when it comes to controlling the use of administrator rights in their IT environment.

Conducted at the McAfee FOCUS 2013 conference in October, the survey comprises responses from 348 decision-making information security professionals. While the majority of respondents said the recent Edward Snowden affair has heightened concerns around IT admins with excess privileges, 73 percent admitted that their organizations' privilege management policies remain unchanged.

Though 33 percent of respondents cited rogue employees as the most important security threat to their organization, 40 percent of respondents pointed to malware as the key vulnerability. This further demonstrates why organizations must prioritize their policies around administrative rights, given that users with excess privileges are more likely to introduce malware via unauthorized downloads or system tweaks.

Other notable findings include:

  • For organizations that have reduced the number of administrator rights in their IT environment, malware mitigation was the key driver for 33 percent of them, followed by external compliance (14 percent), internal compliance (11 percent) and insider threat (11 percent).
  • More than 50 percent of respondents claimed that their system administrators posed moderate to high risk to the network, yet only 20 percent are aware of how many server administrators in their organization are currently running with administrator rights.
  • 45 percent of respondents have experienced server outages due to configuration errors by server administrators.

"Media attention around the NSA's high-profile breach has created a significant turning point in how organizations think about security, with the IT function now increasingly aware of how attacks can stem from users and system admins with excess privileges," said Mark Austin, CEO at Avecto. "But awareness alone is not enough for network protection. Closing the disparity between those who realize the risks and those who are actively mitigating them is essential if organizations are to effectively defend against cybercrime, especially in today's advanced threat landscape."

Austin continues, "Enterprises are finding that the principle of least privilege, which leverages targeted privilege elevation and grants users standard accounts rather than administrator ones, can enable tighter security around excessive rights, without restricting employees from efficiently carrying out their day-to-day tasks."


  • Avecto's survey findings reveal a market need for privilege management solutions to act as part of defense-in-depth security strategies. To meet this demand, Avecto now offers an upgraded version of its Privilege Guard ePO Edition, Privilege Guard ePO Edition 3.8, which provides complete management of Privilege Guard from within the McAfee ePolicy Orchestrator (McAfee ePO) platform. This latest edition includes many new features to provide more granular control over privileged access.
  • Learn more about Avecto and Privilege Guard by visiting
  • Connect with Avecto on its blog, on LinkedIn and on Twitter

About Avecto

As the market leader in privilege management, organizations rely on Avecto's award-winning technology to significantly improve their desktop and server security, while measurably reducing operating expenses. Avecto constantly drives to invent and reinvent ways in which to improve your security defense through next generation technology.

As a McAfee SIA Plus and Microsoft Gold Partner, Avecto has built a network of system integrators and channel partners to provide its customers with the very best solutions - solutions that utilize existing infrastructure and maximize investment.


Sarah Hurley

Solutions for Desktops

Solutions for Desktops

See how Privilege Guard can improve desktop security and operations.

Solutions for Datacenter & Cloud

Solutions for Datacenter & Cloud

Understand how Privilege Guard helps to secure your mission critical servers.



Download the latest Privilege Guard ePO and Group Policy Edition Datasheets.

Top of the page