This situation happens a lot and, whilst the workaround has been accepted for years, it can actually cost you a lot more than a black mark from your auditors.
Yes, it weakens your security defences, but now about your organisation's regulatory compliance under the Data Protection Act and the PCI DSS rules?
Last year, Quocirca analyst Bob Tarzey conducted a survey that revealed that around half of senior IT managers share accounts and passwords for access to networks, operating systems, applications, databases and security systems.
Bob found that almost 60% of organisations said that, whilst they have implemented - or plan to implement - the ISO 27001 standard for secure management of IT systems, about 41% still have poor management of their privileged user accounts.
Has the situation changed? Probably not that much. But in the light of increasing regulatory compliance issues, it really needs to do.
Infosecurity is pleased to say that Bob will be updating us on the situation regarding privileged account security in a free-to-access webinar on Thursday afternoon.
Sponsored by IT monitoring specialist Overtis, the webinar - entitled `Out of sight, out of mind? - Securing privileged account access in the data centre' - will see Bob Tarzey look at some of the dangers that privileged user access can create, including access to company data resources by outsiders, and the pressing need to meet regulatory compliance issues.
Joining Bob will be Richard Walters, CTO with Overtis, the event's sponsor, who will look at the strategies, policies and solutions needed in the modern IT environment.
Moderating the event will be Steve Gold, Infosecurity's technical editor, who will be hosting a question and answer session in which attendees will be able to ask relevant questions of the panel.
This free consultancy aspect of Infosecurity's webinars is a very popular feature.
Join us for what promises to be an interesting and entertaining webinar by registering for this event here...