Identity system modernization held back by 'technical debt'
Modernizing identity systems is proving difficult for organizations due to two key challenges, decades of accumulated identity and access management (IAM) technical debt and the complexity of managing access across multiple identity providers (IDPs).
A new report from Strata Identity and the Cloud Security Alliance (CSA) finds incompatibility with non-standard, legacy applications is a barrier to deploying advanced application authentication for 71 percent of respondents, further highlighting the issue of technical debt with 54 percent of respondents citing it as their top hurdle when modernizing their IAM architecture.
With two-thirds of organizations managing two or more IDPs, 65 percent of respondents claim that managing access controls and enforcing consistent security policies across disparate identity systems is a top concern.
Although multi-cloud/multi-IDP offers flexibility and enhanced security, it also adds complexity to managing access controls across disparate systems, a concern cited by 65 percent of respondents. Interestingly, 75 percent of organizations reported managing two or more IDPs, with 11 percent relying on five or more.
"As enterprises accelerate their adoption of multi-cloud, they're encountering significant obstacles in harmonizing hybrid and cloud identity systems for secure integration. High costs related to IAM technical debt, a significant talent gap, vendor lock-in, and the complex task of rewriting legacy applications are impeding progress and slowing innovation," says Hillary Baron, lead author and senior technical director for research at the Cloud Security Alliance. "It's essential that organizations address these challenges, not only for security and compliance but for operational efficiency and business agility, as well."
The report also highlights concerns around visibility gaps. While 73 percent of organizations believe improved visibility is essential for enhancing their risk management capabilities, over a third expressed uncertainty in their ability to monitor and control key areas within their IAM environments. Specifically, 40 percent reported inadequate visibility into user behaviors, 38 percent said they struggle to maintain visibility into application events, and 36 percent reported challenges in overseeing how access policies are applied and enforced.
Many organizations are falling short in building resilient identity infrastructures, leaving them vulnerable to IDP-based outages and disruptions. Only 38 percent of organizations reported fully implementing measures to ensure continuous availability of identity services, and a troubling six percent admit to having nothing in place. 52 percent of respondents feel only moderately confident -- or worse -- in their ability to withstand and recover from identity outages or disruptions.
"These findings clearly demonstrate that organizations want and need to migrate from legacy identity systems to modern cloud identity providers but are struggling with the technical debt of having to rewrite applications and manage access across multi-cloud and hybrid identity environments," says Eric Olden, CEO of Strata Identity. "Identity orchestration offers a path to modernizing identity systems and managing multiple IDPs that eliminates the need to refactor applications and unifies access control while policy enforcement for any number of on-premises and cloud identity systems."
You can get the full report from the CSA site.
Image credit: IgorVetushko/depositphotos.com