Survey: 61 percent of IT security professionals unsure if partners, contractors, suppliers and others are accessing or attempting to access unauthorized data. 94 percent of respondents gave third-party users access to their networks. 72 percent of organizations grant these users privileged or superuser permissions, giving them administrative access to sensitive information. Only 15 percent of the respondents said they re very confident that third party users follow the same access rules as their internal users, such as ensuring password strength. Retail is the most at-risk industry when it comes to third party access.
Source: https://threatpost.com/admin-rights-third-parties-risk/150462/