Gen Y's need for full IT rights opens up big security holes for enterprises

“Staff who have admin rights can unwittingly or irresponsibly download applications that contain malware and cause significant problems if entered into the corporate network,” said Paul Kenyon, Avecto co-founder and COO. 

In fact, the survey results show that 39% of IT professionals are reporting malware from unauthorized applications being downloaded on their network. Nearly 40% are reporting a network infection as a result of at least one unauthorized application being downloaded on their network.

According to 80% of those surveyed, male employees between the ages of 20 and 35 are the most likely to demand full administrator rights. Many IT departments feel mounting pressure from these younger, tech-savvy employees to grant them, even though more than 50% of respondents would expect a decrease in support calls, and affiliated costs, as a direct result of not allowing it.

“The answer is simple – don’t give admin rights out to everyone, only to the few key IT administrators who really need them,” said Kenyon. “You will see an immediate decrease in security risk and associated downtime as well as an increase in productivity from IT.”

The sense of entitlement among younger workers, when considered in parallel with other trends blurring boundaries at work, is a troubling development, Avecto points out: younger workers have potentially dangerous expectations regarding technology and the workplace, researchers said.

“We’re also seeing the impact of Gen Y, a technically savvy generation that has grown up in an online and freedom-of-access world,” adds Kenyon. “They often come into the enterprise with the same expectations of access and availability and – in many instances – have the skills and experience to be able to work around basic security protocols to get what they want. On top of this, many IT departments elevate users to admin rights as a means to quickly solve IT problems.”

The survey also unearthed the extent to which unfettered, unmanaged and infected applications can potentially sneak onto networks, wreaking havoc before being noticed. Seventy-six percent of those surveyed said they don’t know how many unauthorized applications have been downloaded on their networks. This disconnect suggests that organizations will continue to invite infection of their networks if they provide excessive administrator rights to users. This is especially problematic, as noted in the findings, with younger workers increasingly demanding elevated rights on corporate PCs.

Windows desktops that run with full administrator rights will continue to put organizations at real risk of infection as the sophistication of privilege escalation malware continues to evolve, said Kenyon. Once malware gains access to administrator rights, it will continue to burrow deeper into the organization’s infrastructure.

“Considering these factors, it’s more important than ever for organizations to have a solution in place that enables the quick and secure removal of admin rights from users and the ability to deploy policies that elevate all of the legitimate business applications that require privileged access using privilege management technology,” he said.
