Welcome Guest. | Log In| Register | Membership Benefits

  • Email this page E-mail
  • |  Print Print
  • |   Bookmark and Share
  • icon

Say 'Please': Access Rights Keep Away Prying Eyes


By Helen D'Antoni
InformationWeek
November 11, 2002 12:00 AM (From the November 11, 2002 issue)

Permission management is perhaps the easiest part of controlling access to internal processes and company applications and networks. Sorting out an employee's access rights is usually clear-cut. The challenge is deciding what access-control tools safeguard business procedures against wayward staff or malicious hackers.

Forward ThinkingHowever, companies are becoming more vulnerable to unlawful entries because of a growing dependence on such data-intensive business initiatives as real-time operations and information sharing. Installing better access controls is a security priority for companies of all sizes, according to InformationWeek Research's U.S. Information Security 2002 report, based on our annual Global Information Security study, fielded by PricewaterhouseCoopers.

Closer examination of access methods affords insight into this improvement effort. Basic user passwords and multiple logons remain the most prevalent methods used by U.S. companies to protect business operations. Use of basic user passwords is compatible with use reported in 2001. Last year, 96% of U.S. companies said passwords were their primary method of access control, compared with 91% of U.S. companies in 2002. Today, 91% of large sites have opted for this protective measure, 94% among surveyed midsize companies, and 90% of small shops.

It's no wonder that more than half of large companies surveyed say installing better access-control tools is a near-term business objective, as it is for half of midsize and 41% of small businesses.

How does your company plan to handle identity management in 2003? Let us know.

Helen D'Antoni,
Senior Editor, Research
hdantoni@cmp.com


Sting Blockades
Which access-control tools does your company use?
Some companies are looking beyond protecting systems as the focus of their security strategies, choosing instead to control access to certain company devices. According to InformationWeek Research's U.S. Information Security 2002 report, protecting PCs and mini or mainframe computers from unauthorized entry through the use of customized software, although by no means pervasive, is something companies of all sizes are trying


Subscribe to RSS


Advertisement





Get InformationWeek in Print

Apply for a free 52-week subscription to InformationWeek (a $199 value)



NOTE: Offer valid for U.S., U.S. possessions, & Canada only.