Andrew Dalglish, director of Circle Research, a UK based research firm recently said “The very people working in businesses can pose as the biggest threat to its security.” That’s a pretty huge statement to make come to think of it. Why would he say that when organizations across the world are taking the necessary precautions and spending billions on IT security? Well the answer to that is simple; most organizations are still focused on thoroughly securing their perimeter. Based on a survey by SpectorSoft, a pioneer in user activity monitoring and behavior analysis, a staggering 62% organizations saw a rise in insider attacks over 2014-2015. This means, although a majority of the organizations are aware of privileged access security and have security solutions in place, they have seen a rise in insider threats. Research firm Gartner has solved this mystery stating “Less than 5% of the organizations were tracking and reviewing privileged activity in 2015. The remaining are at best controlling access and logging when, where and by whom privileged access has taken place but not WHAT actually is done.”
In one of my previous roles as a test analyst, I was primarily responsible for constructing test cases for password management. At the time, I had devised a whole array of possible test cases for password management which included specifications on the length of the password, complexity of the password, frequency for changing password and so on. However a thought struck me. This tedious manual procedure of password management by the administrator or super-user was done to ensure security but where is the security after all? How many permutations and combinations can a human come up with to ensure these passwords are managed and maintained to comply with regulatory standards? But today working in this cyber security space, I can confidently say that you just have to go knocking on the right door to eliminate this monotonous process and get automated password management solutions that is regulatory compliant and at the same time safe, effective and productive.
Just as I went to collect my iPad this morning from the study room, something that was an integral part of my childhood grabbed my attention. This precious treasure was lying in one corner dusted and covered by a cloth which had torn. The treasure that I speak about was my best friend and is nothing else but the desktop computer that I used in the 90’s and early 2000’s. There was a time when for any important work or internet use, only one device could be used – the computer. Today if I want information on the internet, the last thing I use will probably be that desktop computer. And this is the same for most of us today.