Inactive Accounts Indicate Insufficient Audits

A recent survey shows that 42 percent of businesses have no idea how many logon accounts are no longer needed.

The survey, conducted on behalf of Symark International, polled more than 800 executives that handle security, information technology, human resources, and other aspects of company business.

The results indicate that internal security audits are either lacking or insufficient. Lending evidence to that fact, 30 percent of the companies surveyed have no procedures in place to locate inactive accounts.

Further problems that were revealed include a significant lag time in disabling or deleting accounts that are no longer needed. Over 30 percent of the responding businesses take 3 days or more to handled such accounts and 12 percent take over a month. Compounding the problem even further, a significant portion of businesses have no idea whether such accounts have been used to gain unauthorized access to company resources.

"As the sobering results of this study demonstrate, orphaned accounts represent a major security and compliance challenge and are often overlooked as a potential threat vector. It is clear that organizations must implement polices and technologies to ensure that user accounts are terminated swiftly as soon as the employee leaves the company, especially for large, international enterprises managing locations across the globe," said Bob Farber, CEO at Symark.

Hide comments


  • Allowed HTML tags: <em> <strong> <blockquote> <br> <p>

Plain text

  • No HTML tags allowed.
  • Web page addresses and e-mail addresses turn into links automatically.
  • Lines and paragraphs break automatically.