Although IT professionals recognise the dangers of unauthorised applications on their networks, most are turning a blind eye, according to a new survey by Avecto.
The study, conducted across TechEd attendees in the US and Europe, sounded out more than 1,500 IT managers, and found a picture of largely unfettered and unmanaged applications, potentially wreaking havoc before they are noticed.
Fully 76% said they don't know how many unauthorised applications have been downloaded on their networks – effectively inviting infection to their networks through loose availability of administrator rights to users.
Among the survey's most notable findings are the revelation that more than one-third of IT professionals have first-hand experience of the dangers of lax admin rights.
Indeed, nearly 40% have reported a network infection as a result of at least one unauthorised application being downloaded onto their networks.
Interestingly, 80% pointed to male employees, between the ages of 20 and 35 as the most likely to demand elevated rights.
When considered in parallel with other trends blurring boundaries at work, such as BYOD (bring your own device), a troubling trend emerges in which younger workers have potentially dangerous expectations of technology and the workplace, observes Paul Kenyon, Avecto co-founder and COO.
"Staff who have admin rights can unwittingly or irresponsibly download applications that contain malware and cause significant problems if entered into the corporate network," comments Kenyon.
"The answer is simple: don't give admin rights out to everyone; only to the few key IT administrators who really need them. You will see an immediate decrease in security risk and associated downtime as well as an increase in productivity from IT," he adds.
Interestingly, according to the survey, IT professionals are largely aware of the benefits of removing admin rights, with more than 50% of respondents pointing to a decrease in support calls and associated costs as a direct result.
However, the study shows that many also feel mounting pressure from younger employees for full administrator rights.
"We're also seeing the impact of Gen Y, a technically savvy generation that has grown up in an online and freedom-of-access world," agrees Kenyon.
"They often come into the enterprise with the same expectations of access and availability and – in many instances – have the skills and experience to be able to work around basic security protocols to get what they want," he warns.
"It's more important than ever for organisations to have a solution that enables quick and secure removal of admin rights from users and the ability to deploy policies that elevate all of the legitimate business applications that require privileged access, using privilege management technology," suggests Kenyon.