Imperva, a leading voice in the world of data and application security solutions, has released a new report examining why access control cannot adequately limit the damage an attacker can inflict on an organisation.
The new Hacker Intelligence Initiative (HII) report reveals three primary reasons why the traditional approach to file security no longer works:
- Permissions are granted, but rarely revoked
- Users do not touch most of the files they are permitted to access
- Enterprise-level file permissions have become increasingly complex
The report demonstrates that relying on access control alone broadens the risk surface and is not a sustainable method for securing enterprise files. The primary research, conducted by Imperva in customer environments, finds that user permissions to files grow over time; while access is granted freely, it is rarely revoked. In fact, most employees use less than 1 percent of the files they are allowed to access. Furthermore, 99 percent of the files are used temporarily, in connection with a specific project, and are rarely accessed again.
“Traditionally, permissions management is manual, time consuming and often inaccurate or outdated, creating a gap in which data contained in files can be lost, stolen or misused by malicious, careless, or compromised users,” said Amichai Shulman, CTO and co-founder of Imperva. “Detection and containment of insider threats requires an understanding of both users and how they use enterprise data.”
More technical details and research notes, as well as examples of real-world incidents pulled from the Imperva customer files that illustrate the potential risks posed by these situations, can be found in the full report.