More than 60% of organizations don’t hold full awareness of certificates and keys across their digital assets, according to a research from AppViewX.
Over the course of the pandemic, as enterprises were forced to accelerate their digital transformation efforts, The report that surveyed 1,000 IT security decision makers across North America and EMEA, suggests many organizations also became unable to track the identities of all machines across their evolving IT networks.
Of the enterprises that lacked certificate and key awareness, 96% experienced consequences that could cripple their operations, including cybersecurity breaches (55%), loss of employee productivity (47%), system outages due to lack of complete visibility (35%) and financial losses from outages (33%).
Despite this, an overwhelming majority of organizations recognize the importance of improving and investing in machine identity management. According to the research, almost all of the IT and security leaders surveyed (99%) reported that their organizations are likely to start taking the steps needed to overcome these issues by enhancing their machine identity management approach, but these leaders (98%) also expect to face challenges.
Some of the major hurdles that have prevented executive team buy-in
- The complexity of managing certificates across all areas of IT infrastructure (67%)
- Lack of skill sets within IT/security teams (66%)
- The current management is manual and too time consuming to upgrade (57%)
- Budget constraints (49%)
These specific challenges indicate a need for enterprise solutions which can be provisioned across the entire IT infrastructure, and can be easily implemented even where skillsets are lacking.
According to Gartner, “Digital transformation has led to an explosion in the number of machines — such as workloads, code, applications and containers — that need to identify themselves and communicate with each other. As a result, several technology providers have built tools that can help clients discover and manage machine identities across hybrid and multicloud environments. Managing machine identities has become critical, as nonhuman entities are now at the leading edge of digital transformation.”
“This report distinctly illustrates the urgency for a machine identity management solution with next-gen capabilities,” said Tammy Moskites, CEO at CyAlliance.
“Managing machine identities has been a passion of mine for several years. This passion is why I cannot stress enough the significance of both awareness and management of keys and certificates, which will certainly wreak havoc if sidelined. Enterprises are rapidly waking up to its importance – and the role that it would play in securing an enterprise’s critical infrastructure.”
Upgrading to the next generation of machine identity management tools
Looking to the future, organizations are taking steps to upgrade to the next generation of machine identity management tools. The vast majority are planning, or have already begun, to implement automated machine identity management workflows (96%); taken the steps to manage certificate lifecycles on hybrid deployment models (95%); or adopted machine identity management-as-a-service (95%).
Of the forward-looking enterprises that have already implemented a machine identity management solution, the report highlights the benefits experienced as a result, including:
- More awareness of certificates and keys across new and emerging technologies (54%)
- An increased ability to access certificates and keys faster (51%)
- Stronger security credentials (51%)
- A reduction in the likelihood of outages due to certificate expiry or human error (41%)
“IT teams know that the proliferation of digital assets and vital technologies make the tracking of identities and keys across IT networks ever more necessary. But digital identity management is still not getting the serious attention — or resources — it needs from the entire organization,” said Murali Palanisamy, chief solutions officer for AppViewX.