Companies lack confidence in the effectiveness of controls

A significant number of Global 1000 companies still lack the proper internal controls over, and visibility into, employee access to sensitive applications and data, according to SailPoint.

More than half of the 100 IT managers and directors polled in the survey reported they are not confident that an employee’s access privileges are appropriately granted when a new hire joins the company or promptly revoked when an employee leaves. 63% of the participants do not have full visibility into their employees’ access rights.

Two-thirds of the participants said the recession has had no impact on their company’s policies and controls around access privileges. Yet, 28% admitted they failed an IT audit and 19% have experienced a security breach in the last two years.

The survey also polled respondents about their expectations for 2011. More than 80% of the companies are concerned about potential security breaches in 2011.

They see four key business drivers for identity management projects:

  • Compliance
  • Security
  • Enabling key business units
  • Automating user administration.

To help address these business imperatives, the majority of companies expect the same or higher budgets for identity management in 2011.