Identity and access management proving too difficult for many businesses
According to a new study, businesses find identity and access management (IAM) and privileged access management (PAM) among their most difficult operational tasks.
The survey, by access management firm One Identity, of 200 attendees to the 2019 RSA Conference, finds that while a third of respondents say PAM is the most difficult operational task, only 16 percent of respondents cite implementing adequate IAM practices as a top-three concern when it comes to securing the cloud.
In addition just 14 percent of survey respondents say better employee access control would have a significant impact on their cybersecurity. All of which suggests businesses are struggling to implement adequate IAM and PAM processes, practices and technologies, and may be overlooking the disciplines' impact on their security postures altogether.
More than one in four respondents cite user password management and more than one in five cite user life cycle management -- such as provisioning and deprovisioning -- as the most difficult operational tasks. Additionally, nearly one in four say Active Directory (AD) is the most difficult system for their business to secure. This is particularly concerning given how prevalent AD is among most organizations.
When asked for their top three concerns for securing the cloud, nearly three in four respondents cite data loss. While 44 percent of respondents select malicious outsiders and the same percentage select careless insiders, only 16-percent say implementing adequate IAM practices is a top concern.
Yet survey respondents also highlight the consequences of poor access management. Nearly seven out of 10 respondents admit they would look at sensitive files if they had unlimited access to data and systems. More than six out of 10 say they would take company data or information if they were leaving and no one would find out. Additionally, more than six out of 10 admit to some wrong doing in their workplace. For example, nearly two in five have shared a password and nearly one in five have sacrificed security guidance in order to get something done quickly.
"Our study results paint a bleak picture of how IAM and PAM are being prioritized and managed within organizations today," says David Earhart, president and general manager of One Identity. "Looking at the bigger picture, businesses are unnecessarily facing major challenges with IAM- and PAM-related tasks given the technology and tools available today. Our hope is that this study lights a spark for organizations to make a concerted effort to address these challenges and improve their IAM and PAM strategies and practices to avoid cyber pitfalls."
You can find out more on the One Identity site.