Do Workers Have Too Much Access?
Bank Technology News | April, 2010
Even given the attention paid over the years to access controls, nearly nine out of ten IT security and compliance professionals believe workers have access to information that’s not pertinent to their job description, according to new research from the Ponemon Institute and Aveksa.
While Aveksa, an enterprise access management firm, potentially stands to benefit from the research’s findings, the data still paints a bleak picture of a number of industries (the research covered retail banking, government and other lines of business) that are unable to contain worker access to systems, creating myriad potential security issues.
“You would think that with all of the new technologies available and with the attention paid to risk, there would be better control over access rights, but there’s no evidence to suggest that the problem is going away,” says Larry Ponemon, the founder of the Ponemon Institute, which found that 87 percent of IT practitioners reported employees have too much access.
The study also found that 72 percent of organizations cannot quickly respond to changes in employee access requirements, and 52 percent say they are unable to keep pace with the number of access change requests that come into their offices on a regular basis. Also, 59 percent of organizations do not have or do not strictly enforce access governance policies, and 61 percent do not immediately check user access requests against security policies before access is approved or assigned.
An additional challenge will come from the adoption of new tech architectures. The research found that 73 percent of respondents say the adoption of cloud-based apps will have a very significant or significant impact on users’ ability to circumvent existing access policies.
Ponemon also says his firm’s study confirms that IT staffs are unable to keep up with a rising flood of changing user access requirements and changes—which have increased as part of the overall economic crisis, a trend that jeopardizes compliance and risk mitigation. He adds it’s a problem that can’t be solved with enterprise access management and other IT fixes alone.
“You do need tech because it’s a good tool that can fight some of these battles. But you also need good leadership, and people who are sensitive to their job responsibilities,” he says, adding firms also need to create a culture of accountability around access.