Survey Reveals Security Shortcuts Taken by ‘Privileged Users’ During the Holidays

By   ISBuzz Team
Writer , Information Security Buzz | Dec 17, 2014 05:02 pm PST

Results of a survey with ‘privileged users’* conducted by BalaBit, an IT security innovator specialising in log management and advanced monitoring technologies, reveals that a combination of irresponsible user behaviour and weaknesses in the protection of networks could create a greater risk of a data breach occurring during the holiday period than at any other time of year.

With the festive season approaching, most respondents (70%) still expect to use the downtime to connect to the network or check in on emails, with more than a third (39%) logging on to access emails several times a day. However, whilst the majority of respondents (72%) have used their own, a friend’s, a colleague’s, or a public device to connect to the corporate network during their holiday, 38% of users have not been asked for extra levels of authentication when connecting to the company network from a device that has not been registered.

The survey also reveals that some executives sidestep basic security measures during their time off. One in seven respondents (14%) have shared personal access details – their username or password – with a colleague. Going against best practice on password protection, the same number of respondents have shared their password on the phone so that a colleague could complete an urgent task on their behalf.

Free eBook: Modern Retail Security Risk – Get your copy now.

Around a third of all respondents surveyed (35%) also admitted that they have not changed their password immediately after they have given it to someone else. Personal relations appear to play a role in this, with a fifth of respondents admitting they had done this because they had trusted the person.

Zoltán Györkő CEO of BalaBit comments: “With the holiday season approaching, it can be a prime time to catch up on any unfinished tasks ,and many of us need to check in on emails when we’re out of the office. However, this survey highlights some worrying lapses in the protection of personal information during holidays. Whilst we’re relaxing at home, we can sometimes use the easiest route to complete a task, which means that security is compromised. Of course, we need to allow executives to do their job even if they’re not in the office, but organisations need to support them to do this in a secure way that protects the integrity of sensitive company data.”

*The survey interviewed 269 users with high privilege rights, including IT security consultants, C-level executives (CEO, CISO, or CEO), operations managers, system administrators, and other IT professionals.

BalaBit’s Tips to Protect the Network over the Holiday Season

Whilst BYOD can help employees do their job even if they’re not in the office, which can make business processes more effective, IT security teams should develop an all-encompassing security policy to support them:

·         Establish IT policies to prevent users from sharing account usernames and passwords. Even if a password is changed immediately after it has been shared with any colleague, the security of the corporate network may already have been compromised.
·         In situations where a task needs to be done on behalf of a privileged user during the holidays, be prepared in advance. Give temporary access with the appropriate credentials to a colleague who is the ‘substitute’ or use a digital credential store within your network. This solution offers a secure way to store user credentials (for example, passwords, private keys, certificates) to login to the target server without the user having access to the credentials and even if the credentials belong to shared accounts (e.g. root).
·         Ensure that your policies support employees to do their job in a secure way, for the time and resources spent on preventing security incidents is far less than that spent on mitigating the risk of business and reputation damages.
·         Enforce secure access (VPN, SSL, or bastion mode) and authentication when users access the company network from a device that is not registered.
·         Monitor users’ activities in real time and set alerts (or block the session) in case of detecting suspicious activity in the network. Rather than adding countless control layers, a monitoring-based approach can help to prevent data breaches by identifying unusual user activity.

BalaBit’s Shell Control Box, an industry-leading turnkey appliance for monitoring privileged user’s activities, can support the above-mentioned recommendations and help organizations to dramatically reduce human risk.

More information is available at

About BalaBit

balabitBalaBit – headquartered in Luxembourg – is a European IT security innovator, specializing in log management and advanced monitoring technologies. It has sales offices in France, Germany, Hungary, Russia, the United Kingdom and the United States and partners in 40+ countries. Its main development centers are located in Hungary. BalaBit has customers all over the world including 23 Fortune 100 companies.

The company is widely-known for syslog-ng™, its open source log management solution, used by more than a million companies worldwide. This significant user base has provided a solid foundation for the company’s expansion which has been fueled by Shell Control Box™, a pioneering development for the rapidly-growing privileged activity monitoring market.
For more information, visit