Identity and permissions present a major security challenge

The average organization has roughly 1,400 permissions for every employee, according to a new report from Veza.

The findings also show that identity teams face a daunting number of groups and roles to manage. With organizations averaging nearly 700 groups for every 1,000 users, it is difficult for admins to choose the least-privilege groups and roles that will meet the needs of any given employee, contractor, or service account.

"Permissions are the treasure map and hackers have figured this out," says Tarun Thakur, co-founder and CEO, Veza. "Traditional identity tools with directory services and listing users and groups, do not represent access. The true picture of access is rooted in permissions. Digital transformation has increased the complexity of access permissions, making it more important than ever for organizations to enforce the principle of least privilege. The numbers in this report are a wakeup call for security and identity teams, many of which struggle to see who can take what action on enterprise data."

Among other findings, organizations use an average of 1.75 identity platforms, with the most prominent being Microsoft's Entra ID, Microsoft's Active Directory (AD), and Okta. Cloud and GenAI adoption have also increased the number of non-human identities, such as service accounts and service principals. The report sees a ratio of 17-to-one of non-human identities to human workers. This is especially prevalent in AWS, Azure and Google Cloud.

Dormant permissions are pervasive too. Deactivated users account for 16.5 percent of all permissions assigned to users in identity platforms, especially those in Microsoft’s Active Directory and Entra ID. 14.7 percent of users are considered dormant.

Although just 0.1 percent of users in identity platforms are explicitly labeled as privileged accounts, implicit privilege is common. 34 percent of all effective permissions tracked by Veza include the ability to delete data.

Multi-factor authentication (MFA) is not a given either. Across the millions of identities analyzed by Veza, 13 percent of users still have not enabled MFA.

The full report is available from the Veza site and there will be a webinar to discuss the findings on May 16th at 10am PST.


© 1998-2024 BetaNews, Inc. All Rights Reserved.