Employees have too much access to information. Seventy-eight percent of IT professionals surveyed by the Ponemon Institute and Aveksa, a provider of enterprise access governance solutions, believe employees have too much access to data that is not pertinent to their job functions. An additional 59 percent said temporary employees and contractors also have too much access to information resources.
"The fact that most organizations feel that employees are being granted access rights outside of their business role clearly illustrates the risk that most enterprises face," says Brian Cleary, VP of marketing for Waltham, Mass-based Aveksa, in a release.
Compounding the problem, access policies are not enforced at most enterprises, according to the survey, which polled 700 IT professionals across all industries; 21 percent of participants were from the financial industry. Almost 70 percent of those surveyed said access policies are not being regularly checked or enforced by their organizations.
In addition, 55 percent of respondents described their companies' ability to grant access rights based on role and job function as poor or nonexistent, including 42 percent who said it is not done at all. According to Ponemon, the findings suggest businesses find it difficult to manage access rights at the individual level because of changing roles and responsibilities.
The study also revealed that most respondents view collaboration among business units and audit, compliance and IT security functions as critical to achieving good access management. But 57 percent of respondents said such collaboration is not being achieved within their enterprises.
Meanwhile, senior management does not seem to understand the risks of inappropriate user access or the resources that are needed to ensure compliance and avoid business risks, the Traverse City, Mich.-based research institute said.
Melanie Rodier has worked as a print and broadcast journalist for over 10 years, covering business and finance, general news, and film trade news. Prior to joining Wall Street & Technology in April 2007, Melanie lived in Paris, where she worked for the International Herald ... View Full Bio