Wall Street & Technology is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them. Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Trading Technology

02:14 PM
Connect Directly

Ineffective Access Management Poses Risk to Businesses

Employees have too much access to information, according to a new Ponemon survey.

Employees have too much access to information. Seventy-eight percent of IT professionals surveyed by the Ponemon Institute and Aveksa, a provider of enterprise access governance solutions, believe employees have too much access to data that is not pertinent to their job functions. An additional 59 percent said temporary employees and contractors also have too much access to information resources.

"The fact that most organizations feel that employees are being granted access rights outside of their business role clearly illustrates the risk that most enterprises face," says Brian Cleary, VP of marketing for Waltham, Mass-based Aveksa, in a release.

Compounding the problem, access policies are not enforced at most enterprises, according to the survey, which polled 700 IT professionals across all industries; 21 percent of participants were from the financial industry. Almost 70 percent of those surveyed said access policies are not being regularly checked or enforced by their organizations.

In addition, 55 percent of respondents described their companies' ability to grant access rights based on role and job function as poor or nonexistent, including 42 percent who said it is not done at all. According to Ponemon, the findings suggest businesses find it difficult to manage access rights at the individual level because of changing roles and responsibilities.

The study also revealed that most respondents view collaboration among business units and audit, compliance and IT security functions as critical to achieving good access management. But 57 percent of respondents said such collaboration is not being achieved within their enterprises.

Meanwhile, senior management does not seem to understand the risks of inappropriate user access or the resources that are needed to ensure compliance and avoid business risks, the Traverse City, Mich.-based research institute said.

Melanie Rodier has worked as a print and broadcast journalist for over 10 years, covering business and finance, general news, and film trade news. Prior to joining Wall Street & Technology in April 2007, Melanie lived in Paris, where she worked for the International Herald ... View Full Bio

Register for Wall Street & Technology Newsletters
Exclusive: Inside the GETCO Execution Services Trading Floor
Exclusive: Inside the GETCO Execution Services Trading Floor
Advanced Trading takes you on an exclusive tour of the New York trading floor of GETCO Execution Services, the solutions arm of GETCO.