Top Audit Finding? Excessive Access Rights
Posted by Todd Chambers - CMO on Thu, Feb 05, 2009
The effects of the economic crisis is heightening security risks at the world's largest financial institutions, according to Deloitte's 6th Annual Global Security Survey, which benchmarks IT security and privacy in the financial services industry.
It comes as no surprise that identity and access management (IAM) and security regulatory compliance were the top security initiatives of financial institutions for the past 2 years. Increasing regulation and industry guidelines, as well as the need to provide secure access to systems for suppliers, business partners and others is driving the need for identity and access management and compliance solutions. In spite of this, many of these organizations have a growing concern about insider threats - according to the survey 36 per cent of respondents expressed a greater level of concern about insiders.
‘Excessive access rights' was the top internal/external audit finding over the past 12 months and ‘unauthorized access to personal information' was the number one privacy concern stated by respondents.
As financial institutions face an increased risk of security breaches this year due to budgetary constraints and an increased threat of insider misconduct, an access assurance strategy can help them to strengthen security and improve compliance by assuring users' access rights and activities are compliant with policy while aligning security and business objectives.