Survey Reveals Little Confidence in Companies' Efforts to Securely Store and Manage IT Administrative Passwords.DEDHAM, Mass. -- Half of IT Professionals Surveyed Struggle with Mundane, Labor-intensive Manual Processes for Password Management, Hindering Efforts for Regular and On-demand Resetting of Passwords Cyber-Ark(R) Software, the information security company that invented and markets Vaulting vaulting Gymnastics exercise in which the athlete leaps over a form that was originally intended to mimic a horse. At one time, the pommel horse was used in the vaulting exercise, with the pommels (handles) removed. Technology(TM), today revealed the results of recent research illuminating the industry-wide struggle to safely and easily share and manage administrative passwords that provide access to the network, systems and application backbone of enterprises worldwide. The survey of nearly 200 information technology (IT) security professionals, conducted at Europe's largest information security event, Infosecurity, revealed: --Half (50 percent) of survey participants were not very confident that passwords were stored securely in their organization. One quarter (25 percent) said that IT staff can access administrative passwords without permission. --Less than a third (32 percent) were storing administrative passwords digitally. The remainder continue to use labor-intensive, manual processes, including paper copies stored everywhere from locked cabinets to physical safes. --19 percent of respondents estimated that their colleagues still keep passwords on Post-It Notes while 14 percent use unsecured Excel spreadsheet files. --Half of all security professionals change administrative passwords monthly or more frequently; however, nearly 10 percent of companies NEVER change IT administrative passwords. --62 percent of companies have seen an increase in auditing of their security practices due to recent legislation. "Companies are realizing they need to become far more nimble in their ability to regularly and rapidly change the passwords that literally are the keys to the IT infrastructure kingdom. Unfortunately, until now, it's been virtually impossible to securely automate what is traditionally a very manual, time-intensive process," said Tom Crawford, president and CEO (1) (Chief Executive Officer) The highest individual in command of an organization. Typically the president of the company, the CEO reports to the Chairman of the Board. of Cyber-Ark. "They are caught in a catch-22 between locking up passwords tight and providing the rapid access and management needed to make changes that avoid expensive downtime or security breaches." Already, Cyber-Ark's Network Vault for Passwords has helped scores of organizations secure and dramatically simplify the management of administrative passwords, including some of the world's largest financial services The examples and perspective in this article or section may not represent a worldwide view of the subject. Please [ improve this article] or discuss the issue on the talk page. firms, insurance companies, government agencies, telecommunications providers, gaming enterprises and energy companies. This includes European direct debit direct debit Noun an order given to a bank or other financial institution by an account holder to pay an amount of money from the account to a specified person or company at regular intervals direct debit n processor Voca, which recently transitioned its password management, replacing the physical safes used to store over 800 administrative passwords and redeploying staff dedicated to administering passwords. "Cyber-Ark has cracked the code for automating a potentially insecure and immensely time-consuming process of storing and managing administrative passwords," said Keith Reeve, Manager Certification Authority See CA. and Access Control, Voca. "We've replaced physical safes with virtual ones, using Network Vault for Passwords to securely automate administrative passwords critical to the systems that support our business." Organizations interested in viewing how much they can save by migrating to automated, electronic Vaulting of administrative passwords can ask a Cyber-Ark representative to provide them with the Cyber-Ark's Password Vault ROI (Return On Investment) The monetary benefits derived from having spent money on developing or revising a system. In the IT world, there are more ways to compute ROI than Carter has liver pills (and for those of you who never heard of that expression, it means a lot). calculator. Network Vault for Passwords Network Vault for Passwords provides a "safe haven 1. Designated area(s) to which noncombatants of the United States Government's responsibility and commercial vehicles and materiel may be evacuated during a domestic or other valid emergency. 2. " within the enterprise where all administrative passwords can be archived, transferred and shared among IT staff, on-call administrators, as well as administrators in the field. It is an end-to-end solution (jargon) end-to-end solution - (E2ES) A term that suggests that the supplier of an application program or system will provide all the hardware and/or software components and resouces to meet the customer's requirement and no other supplier need be involved. Compare: turn-key solution. that protects passwords during transmission and at rest with multiple layers of integrated security, granular access control mechanisms and graphical auditing solutions to thoroughly track every password's whereabouts. The Central Password Manager A password manager is software that helps a user organize passwords and PIN codes. The software typically has a local database or files that holds the encrypted password data. enables organizations to change passwords automatically on remote machines and then store these new passwords in the Vault "In the Vault" is a short story by American horror fiction writer H.P. Lovecraft, written on September 18, 1925 and first published in the November 1925 issue of the amateur press journal Tryout. , without any human intervention and all according to according to prep. 1. As stated or indicated by; on the authority of: according to historians. 2. In keeping with: according to instructions. 3. predefined organizational policy. The Central Password Manager contains built-in methods that change third-party entity passwords, such as a Windows Domain administrator password and a Unix Root user password. About Cyber-Ark Software Cyber-Ark Software is the leader in Vaulting solutions for securely connecting enterprises. The Company's Inter-Business Vault enables the creation of secure instant wide area networks (WANs) for connecting enterprises with partners, customers and sub-contractors over the Internet - enabling them to exchange information as if they have deployed a shared WAN, but without actually doing so. Cyber-Ark's leading Inter-Business Vault applications include solutions for Treasury Management files, PLM (Product Life cycle Management) A comprehensive information system that coordinates all aspects of a product from initial concept to its eventual retirement. Sometimes called the "digital backbone" of a product, it includes the requirements phase, analysis and design and CAD/CAM CAD/CAM in full computer-aided design/computer-aided manufacturing. Integration of design and manufacturing into a system under direct control of digital computers. files, and Source Code. In addition to its business-to-business solutions, Cyber-Ark's Network Vault provides solutions for securely managing critical information, such as administrative passwords and critical documents, within the enterprise. Today Cyber-Ark enjoys strong customer relationships with more than 150 Global 1000 companies around the world. Founded by a group of leading military security experts and computer engineers, Cyber-Ark Software is privately held and backed by some of the world's most successful venture capitalists Venture Capitalist An investor who provides capital to either start-up ventures or support small companies who wish to expand but do not have access to public funding. Notes: Venture capitalists usually expect higher returns for the additional risks taken. , including Jerusalem Venture Partners, Seed Capital Partners (a SOFTBANK Affiliate), JP Morgan/Chase Partners and Vertex Management. The Company is located in Dedham, Mass. and on the World Wide Web at www.cyber-ark.com. Cyber-Ark, Network Vault, Inter-Business Vault and Vaulting Technology are trademarks of Cyber-Ark Software Ltd. in the U.S. and/or other countries. All rights reserved. |
|
Printer friendly
Cite/link
Email
Feedback
Reader Opinion