sb-as logo
Story image

Dormant employee accounts a major cyber risk for Singapore businesses

09 Oct 2017

The ways Singapore businesses manage accounts used to access data, IT infrastructure and systems are leaving major gaps that could lead to major security and compliance deficiencies, according to One Identity.

Security best practices such as removal of access to corporate data, dormant account removal and role administration are still a challenge – 81% of Singapore respondents are not confident that their former employees’ accounts have been deactivated in a timely manner.

“With organizations across the Asia Pacific region facing increased cyber threats, IT and business leaders need to evaluate their identity-related security strategies,” says Lennie Tan, VP of One Identity, Asia Pacific & Japan.

Although 99% of organizations have methods that can identify dormant users, only 22% have tools that can help find those users.

Best practices state that employee accounts that are no longer used should be deactivated. If an employee changes roles, new access rights must be granted and older, irrelevant ones must be retired.

Only 5% of Singapore respondents audit enterprise roles more frequently than monthly, the report also found.

Dormant accounts are open invitations for hackers, disgruntled employees or other actors who can exploit the accounts and gain access to sensitive information. In some cases, data breaches and compliance violations can occur.

Seven percent of respondents in Singapore say they remove access for users immediately upon a change in HR status.

Dormant accounts are not just about internal system accounts, but access to cloud accounts and share services such as Dropbox.

“The alarming results of our study prove that organizations in Singapore are exposing unsecured identities and creating security holes for hackers to exploit. Those that don’t adopt stronger defenses and innovative solutions to mitigate the growing risk more quickly, might face serious consequences including reputation and financial loss," Tan continues.

These attacks occur through credential-based attack methods, such as user names and passwords. Once attackers gain access, they can move laterally and escalate privileges to find sensitive information such as a CEO’s email, customer or employee personally identifiable information or financial records.

With every additional inactive account, the more potential damage could be done, such as data loss, leakage and theft, the company says.

“Exploitation of excessive or inappropriate entitlements remains a goldmine for threat actors who will then capitalize on access to gain a foothold in an organization to steal data or inject malware,” comments Jackson Shaw, senior director of Product Management for One Identity. 

One Identity’s study gained responses from 913 IT security professionals from Singapore, Australia, Hong Kong, Australia, France, Germany, Canada, the US and the UK.

Story image
Fujitsu new tech ensures inter-business data trust
The technology can verify when and by whom the data was created, and whether it has been tampered with, to ensure trusted data exchange.More
Story image
Zoom to begin rolling out end-to-end encryption
Available starting from next week, it represents the first phase out of four of the company’s greater E2EE offering, which was announced in May following backlash that the company was lax on its security and privacy.More
Story image
BlueVoyant acquires Managed Sentinel, builds out Microsoft MSS offerings
“Combining Managed Sentinel’s Azure Sentinel deployment expertise with BlueVoyant’s MDR capabilities will help customers operationalise and maximise Microsoft security technologies."More
Story image
Microsoft is most imitated brand for phishing attacks in Q3
Popular phishing tactics using the Microsoft brand used email campaigns to steal credentials of Microsoft accounts, luring victims to click on malicious links which redirect them to a fraudulent Microsoft login page. More
Story image
Network visibility is the crux of security in 2020
Resilience sits at the heart of security, and there is a need for organisations’ architecture, processes and strategies to be more impervious in order to continue to ensure protection, writes Gigamon A/NZ manager George Tsoukas.More
Story image
NordVPN upgrades infrastructure with launch of colocated servers
"The greatest advantage of having colocated servers is their complete ownership, which guarantees access only by our authorised people."More