New research from CyberArk, the global leader in Identity Security, reveals that organisations continue to operate with limited visibility into user activity and sessions associated with web applications, despite the ever-present risk of insider threats and credential theft.
Adoption of web applications has brought flexibility and increased productivity, but companies lag in implementing security controls so as to mitigate human error or malicious intent.
The global survey of 900 enterprise security leaders found that 80 percent of organisations experienced employees misusing or abusing access to business applications.
This comes as 48% of organisations said they have limited ability to view user logs and audit user activity, leaving a blind spot for catching potentially risky behavior in user sessions.
The research coincides with the launch of CyberArk Identity Secure Web Sessions, a cloud-based solution for companies to record, audit and protect user web application sessions.
Consider financial, healthcare, marketing or developer web applications that contain sensitive, high-value data like financial records, customer or patient information or intellectual property.
Most security and compliance teams have limited resources, visibility and control over how confidential data is being handled, or what is being done during a user session.
70% of organisations, the average end-user has access to more than 10 business applications, many of which contain high-value data, creating ample opportunity for a malicious actor.
The applications that companies are concerned with protecting against unauthorised access were IT service management apps like ServiceNow, cloud consoles like Amazon Web Services, Azure and Google Cloud Platform and marketing and sales enablement like Salesforce.
Investigation into questionable activity represents a significant investment of time and drag on thin resources, and must be balanced with other priorities like improving incident response and enforcing consistent controls across applications to reduce threat of credential theft.
According to the research
- 54% of organisations investigate user activity stemming from security incidents or compliance at least weekly vs. 34 percent of organisations that investigate monthly
- 44% of organisations said they need to enable the same security controls across all applications amid disparate built-in application controls
- 41% of respondents said that better visibility into user activity would enable them to identify the source of security incident more quickly
Gil Rapaport, the General Manager for Access Management at CyberArk gave insights.
“Security and usability is key. As high-value data migrates to the cloud, companies should set proper controls to manage risk while enabling their workforce to operate without disruption.”
“Today, any user can have a certain level of privileged access, making it ever more important that enterprises add security layers to protect the entire workforce as part of a comprehensive Identity Security strategy and Zero Trust framework.”
Secure web sessions add security to user activity
CyberArk Identity Secure Web Sessions provide visibility into user activity in web-based apps protected by CyberArk Workforce Identity and third-party Single Sign-On (SSO) providers.
Secure Web Sessions’ benefits for organisations
- Record and search every click and data change made within a protected app while maintaining a frictionless user experience
- Implement continuous monitoring and re-authentication, such as when a user steps away from a device during a session, reducing the risk of abuse
- Protect web sessions from threats originating on the endpoint and restrict data exfiltration actions, such as copying of data and file downloads.