Intelligent identity and access management (IAM) solutions provider, Courion, reports that most companies don't realise how many service accounts exist within their organisation with default passwords.
Service accounts are usually used for interaction between software and devices, and the passwords used are often the default passwords they were set up with, to avoid loss of interconnectivity. This is an issue as service accounts can be used to access valuable data; and because they aren't securely protected, they're an easy target for hackers, making the organisation more vulnerable. Courion's access risk study says that security organisations normally underestimate the number of service accounts with higher access rights, without a password reset in over a year.
When an audit reveal service account represents access risk, a hacker may have already accessed company data. To combat this, Courion is offering an evaluation of access risk which uses an identity and access intelligence solution to analyse password reset history, privilege patterns, ownership, and to determine high-risk service accounts.
Chris Zannetos, CEO of Courion said: “It' impossible with traditional IAM technologies to see through the complexity of an organisation's identity and access infrastructure to identify possible access risks, but Access Insight allows you to do exactly that. Identity and Access Intelligence is not just a nice to have, it is required to get ahead of hackers, corral out-of-policy access provisioning, and turn certification from a rubber stamping exercise into an effective control.”