Hello all, My name is Mark Fullbrook and I am the Director of Cyber-Ark for the UK. I'm the person that is quoted on what was originally meant to be a small localised press release but has turned (somewhat) into a global debate.
For those that are wondering about the conditions surrounding the survey, it took place at this years Infosecurity Europe Event in London. The survey was a face to face question and answer session with people who had confirmed that they were of administrator level or above. The survey, which was anonymous, consisted of a number of questions around administrative privileges and the transfer of highly sensitive information both within and between enterprises.
We, as a company, were not suprised by the results. In my role, I have the pleasure of dealing with a huge number of the worlds largest companies. I am always suprised at the desire to control adminstrative and privileged access, but I am often told that it is very difficult thing to do when you consider there are in many cases, more Privileged Identities than users!
For those who have mentioned that this is a survey by a company that "sells" a solution to the problem highlighted, then I plead guilty, but I hope that this does not bring the results into disrepute. If we had wanted to make an impact we could of used a LOT higher figure than 1 in 3! The results are a factual representation of what we found from this cross section of attendees of Europes largest IT Security event.
I welcome the thoughts of all of those Admins that have highlighted the need for honesty and integrity, you are of course, the majority. However, you will all admit that sometimes you have to protect from the minority and any solution (ours or someone elses) that can control and audit access for privileged users without impacting how they go about their job surely must be a good thing.
Slashdot Mirror
Hello all, My name is Mark Fullbrook and I am the Director of Cyber-Ark for the UK. I'm the person that is quoted on what was originally meant to be a small localised press release but has turned (somewhat) into a global debate.
For those that are wondering about the conditions surrounding the survey, it took place at this years Infosecurity Europe Event in London. The survey was a face to face question and answer session with people who had confirmed that they were of administrator level or above. The survey, which was anonymous, consisted of a number of questions around administrative privileges and the transfer of highly sensitive information both within and between enterprises.
We, as a company, were not suprised by the results. In my role, I have the pleasure of dealing with a huge number of the worlds largest companies. I am always suprised at the desire to control adminstrative and privileged access, but I am often told that it is very difficult thing to do when you consider there are in many cases, more Privileged Identities than users!
For those who have mentioned that this is a survey by a company that "sells" a solution to the problem highlighted, then I plead guilty, but I hope that this does not bring the results into disrepute. If we had wanted to make an impact we could of used a LOT higher figure than 1 in 3! The results are a factual representation of what we found from this cross section of attendees of Europes largest IT Security event.
I welcome the thoughts of all of those Admins that have highlighted the need for honesty and integrity, you are of course, the majority. However, you will all admit that sometimes you have to protect from the minority and any solution (ours or someone elses) that can control and audit access for privileged users without impacting how they go about their job surely must be a good thing.
Please feel free to contact me via this response.
Many thanks
Mark Fullbrook