User Permission Audits: Do Your Users Have Superpowers?

Picture this: everything is going swimmingly at your business, when you suddenly receive an influx of tickets about an inability to access a production server. After an analyst investigates, the worst has been confirmed: ransomware has wiped much of the valuable data from the machine.

Even with backups, this situation is a nightmare. Cleaning up, losing income from a lack of availability, and handling lost customer trust are all costly and can interrupt the best moments for businesses.

How do these breaches happen?

80% of data breaches include the use of compromised or misused credentials (Verizon DBIR 2023). This can include administrator accounts being used by multiple people or for multiple important functions, or by not maintaining credentials and account sanitation.

These breaches can be prevented with varying methods and varying effectivenesses, but one of the greatest is through user permission audits: In a 2022 Gartner study, findings indicated that regular user permission audits can decimate insider threats by up to 70%.

In the past, we’ve found the same - customers and clients we’ve interacted with have seen significant benefit from user permission audits. Not only do they save companies from expensive breaches and their cleanup processes, but they keep businesses industry compliant and can identify wasted software licenses.

During the 2013 Target breach, the biggest turning point leading to the theft of over 40 million debit and credit records and a massive fine was the takeover of an abandoned vendor account with over escalated privileges. Instead of having ‘least privilege’ access, or the least necessary roles/permissions to perform the required tasks, the third-party vendor was given the proverbial ‘keys to the kingdom.

How many of your users have access that they’re not supposed to have? Where could things go wrong in a breach? How much money can your organization save?