From: InfoSec News (alertsinfosecnews.org)
Date: Fri Oct 23 2009 - 02:13:54 CDT

• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

http://www.computerworlduk.com/management/security/data-control/news/index.cfm?newsid=17211

By Leo King
Computerworld UK
October 22, 2009

Almost half of businesses that claim compliance with ISO 27001 are
sharing privileged user accounts and breaking other standard guidance,
according to a survey of IT managers.

Some 47 percent of firms in the UK said they were compliant with the
standard. But forty-one percent of these said that they were using
various non-compliant practices.

Bad practice by privileged users is putting European data at "high
risk", according to the 'Privileged user management - it's time to take
control' report. These practices included use of default user names and
passwords, the granting of wider access than is necessary, failure to
monitor the users, and an ignorance around the existence of privileged
users in the first place.

Two hundred and seventy European IT managers, including 45 in the UK,
were interviewed for the survey that was conducted by Quocirca.

[...]

________________________________________
Did a friend send you this? From now on, be the
first to find out! Subscribe to InfoSec News
http://www.infosecnews.org

• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]