Cyber-Ark has announced the release of new research into privileged passwords -- the non-personal, shared and administrative passwords that exist in virtually every device or software application in an enterprise-- which shows companies are unknowingly losing millions of dollars annually due to costly outages, labor-intensive work, legal liability and audit deficiencies related to mismanaged privileged passwords. To simply maintain and update privileged passwords, the report estimates the typical enterprise spends more than US$500,000 each year.

These trends and statistics are summarized in a white paper by IDC and sponsored by Cyber-Ark entitled "Privileged Password Management: Combating the Insider Threat and Meeting Compliance Regulations for the Enterprise". Alarming facts from the research include the following findings:

･passwords if unchecked can be an unmitigated security threat for an organization.

･Astronomical costs are associated with the manual updating of privileged passwords. The yearly cost of manually changing privileged passwords average US$500,000+ for the typical Fortune 2000 company.

･There is a general lack of strict policies for creating and varying privileged passwords which would aid in the prevention of costly security breaches.

･Further complicating the issue is that many if not most privileged passwords are generic in nature and lack the personalization necessary for tracking and auditing purposes.

･Most organizations have more privileged user passwords than personal passwords.

･Most organizations today use the same password for many systems and devices. This creates a common security hole that can be exploited by external hackers.

Not only do privileged passwords pose a security threat, but maintaining, storing, changing and monitoring privileged passwords and their users are an expensive and daunting task. In particular, there are thousands of privileged passwords at all levels -- devices, embedded, laptops, etc. -- and the cost of changing them on a routine basis is difficult to do manually in any effective way. IDC estimates that it takes approximately US$30 in man hours/labor to change the Sys-admin password on a single Microsoft Exchange Server.

For more info., contact to email http://www.SecurityWorldMag.com

ⓒ2007 www.SecurityWorldmag.com. All rights reserved.