Sean Martin, founder of imsmartin consulting, spoke to many individuals at the recent RSA 2012 conference.  Sean mentioned in his recent article titled “Are security basics getting lost under the cover of cloud and mobile?” that there were numerous topics discussed but he noticed three topics being raised more than others: passwords, identities, and privileges.

“Most organizations take steps to remove admin-level access and elevated privileges from standard user accounts. But admin privileges often get granted to additional users over time as a way to allow them to install printer drivers, launch system-level applications, and perform other business-enabling actions on their own without IT help desk involvement,” said Sean Martin.

Viewfinity is seeing that most organizations are victims of “privilege creep” – a situation where privileges are locked down initially and are increased over time. Businesses should follow the basics of managing account privileges on a granular level, controlling access based on need, time, application, location and more.