Researchers from SecureLink and the Ponemon Institute recently released the “A Crisis in Third-Party Remote Access Security” report. Their analysis details the discrepancy between organizations’ perceived third-party access threat and their deployed security measures.
The survey was conducted by the Ponemon Institute on behalf of SecureLink and includes responses from 627 individuals based in North America, who are involved in their organization’s approach to managing remote third-party data risks.
The report states that:
44% of organizations experienced a breach within the last 12 months;
51% of organizations experienced a data breach caused by third parties with remote access;
74% said the breach resulted from giving too much privileged access to third parties;
54% of respondents say their organizations are not assessing the security and privacy practices of all third parties before granting them access;
61% of respondents say their third-party management program does not define or rank levels of risk;
63% say their organization doesn’t have visibility into the level of access and permissions for both internal and external users.