Enterprise IT staff spend one month a year managing identity and access
Anyone who's worked on a help desk or in tech support will know that a high percentage of requests relate to granting access to systems or resetting passwords.
In fact IT personnel expend a full month of work (21 days) each year on mundane identity and access management (IAM) tasks such as resetting passwords and tracking app usage, according to a study by password management company 1Password.
14 percent of IT workers are consumed with IAM, spending at least an hour each day on routine IAM tasks. It's maybe no surprise then that IT workers are disillusioned with their tools, just 48 percent of IT workers say the majority of IAM products bring value to the company -- and 13 percent say less than 10 percent of their IAM products deliver.
The survey shows that 57 percent of IT workers are resetting employee passwords up to five times per week -- with 15 percent doing so at least 21 times per week. 1Password's wide-ranging survey also explored behavior around shadow IT in the work from home era as well as the power of enterprise password managers (EPM) to achieve security, productivity and convenience for businesses.
The study also looks at shadow IT usage and finds that four in five workers report always following their company's IT policy, meaning that just 20 percent of workers are driving all shadow IT activity in the enterprise. These employees don't act out of malice but rather a drive to get more done, with 49 percent citing productivity as their top reason for circumventing IT's rules.
"The shadow IT picture is more complicated than many think," says Jeff Shiner, chief executive officer at 1Password. "Most of us follow the rules, but a small group of employees trying to get more done circumvent policies and create openings for credential attacks. They're sometimes enabled by IT workers who empathize with their pursuit of productivity. 1Password designed our enterprise password manager to reduce the risk of shadow IT by helping everyone at work be good by being lazy."
Nearly one in three IT workers admits not fully enforcing security policies. 38 percent of these say their organization's method for monitoring is not robust, while 29 percent say, 'it's just too hard and time consuming to track and enforce', while 28 percent say, 'our employees get more done if we just let them manage their own software.'
On a positive note, EPMs do seem to make a difference. 89 percent of IT departments using a password manager say it's had a measurable impact on security at their company. They save time and frustration for employees according to 57 percent, reduce time for IT departments (45 percent), enhance productivity (37 percent), reduce breaches/attacks (26 percent) and create happier employees (26 percent).
You can find out more on the 1Password blog.