Businesses are failing to update privileged passwords leaving them open to hacker attacks, according to a survey published yesterday.
The research, conducted by Cyber-Ark, revealed approximately half of organisations have more privileged passwords - which provide enhanced access to a target system - than individual ones, yet up to 42 percent are never changed.
The report suggests that 99 percent of individual passwords are changed, but 13 percent of router and 21 percent of local workstation privileged passwords are not amended. The study also found that only 58 percent of software passwords are changed.
Moreover, the survey showed that 60 percent of organisations report being attacked by hackers, yet such passwords are rarely changed because it's too time consuming. An IT executive from one company surveyed said: "Of course we have to regularly change the privileged user passwords for these powerful systems, however, manually changing thousands of passwords across hundreds of databases is simply impractical."
Adam Bosnian, vice president of products, strategy and sales for Cyber-Ark Software believes because businesses think they have a small number of IT administrators, they can't use many privileged passwords.
"Privileged passwords come pre-loaded onto virtually every piece of hardware and software in an enterprise and are therefore extremely common. Simply put, these passwords are the keys to your kingdom, and yet they are often left unguarded.
"Having unsecured privileged passwords is an unnecessary risk. There are proven software applications available that automatically update privileged passwords across all systems," he said.