“So what’s the real risk of a hacked admin account? Are the consequences so dire? Short answer: absolutely. The survey found that 40 percent of Windows hosts could lead to “complete compromise” if hacked, and that many of these hosts were “high risk,” meaning they can access more than 80 percent of the networks’ other credentials.”
Imagine you had installed a sophisticated home security system … but then you left the key under the front door mat so that members of the family could get into the house!
That’s the kind of scenario which a lot of IT security managers are facing today. They have invested money, time and expertise on network security … but then people with admin passwords can become the weak link in the chain.
Maybe a consultant has stored the password on their smartphone, then left it on the train. Or a product manager has emailed the password to their GMail account so they can work from home, but their personal email becomes compromised.
Even writing the password in a notebook, and then losing the notebook, is risk as the world seems to be full of wannabe hackers these days.
A recent blog post on the Security Intelligence website (link below) included some interesting statistics:
– 88% of networks are at risk from stolen or re-used passwords.
– 61% of security manager said password misuse was the most difficult event to stop.
– Only 26% of privileged admin users change their password monthly.
A daily audit by Elastic Detector can highlight the latest vulnerabilities in your network hardware and software. But it’s worth noting that SecludIT Elastic detector goes far beyond scanning for vulnerabilities and includes many other aspects of security. For example, it includes configuration and password checking.
So, don’t leave the keys for your network where hackers can find them. Use Elastic Detector to manage the human element of your network, as well as the technology elements.