One Identity released global survey findings that revealed a significant increase in digital identities on a global scale. This phenomenon – known as identity sprawl – has been driven by surges in user identities (internal, third parties, and customers), machine identities and new accounts generated in response to an uptick in remote work.
More than 8 in 10 respondents indicated that identities managed has more than doubled, and 25% reported a 10X increase during the period.
Managed identities doubling, creating risk
According to the Dimensional Research-conducted survey of 1,009 IT security professionals, identity sprawl is one critical obstacle to overcome as businesses seek to optimize their overall cybersecurity posture, with half of all companies reporting they use more than 25 different systems to manage access rights.
More than one in five respondents use more than 100. A second challenge is the fragmented way most organizations address identity security. Fifty one percent of respondents stated that multiple silos yield a lack of visibility regarding who has access to what system.
The result of managing identity security in silos is significant levels of complexity and risk. 85 percent of organizations have employees with more privileged access than necessary, making it easier for bad actors to exploit unknowing internal stakeholders to gain access to a given organization.
Only 12 percent of professionals are fully confident they can prevent a credential-based attack, which occurs when attackers steal insider credentials to gain initial access, bypassing an organization’s security measures.
“Virtually every day we see a new cyber incident make headlines, in large part because organizations are managing more identities than ever before and because they are unable to attain a 360-degree view of all their identities – which creates gaps, inconsistencies, and expands windows of exposure,” said Bhagwat Swaroop, president and GM, One Identity.
“We’ve seen firsthand that a holistic identity management strategy is a proven way for organizations to optimize visibility, control and protection.”
A unified identity and access management platform would help
A trend toward an end-to-end approach for identity security was underscored by the survey, with half of the respondents stating that an end-to-end unification of identities and accounts is needed to better respond to evolving market conditions. Almost two-thirds of respondents stated that a unified identity and access management platform would streamline their businesses approach.
Industry practices recognize that as ransomware (66 percent), phishing (52 percent) and RPA adoption concerns remain top of mind (94 percent of organizations who have deployed bots or RPA report challenges securing them), companies must plan to bolster business resiliency where they can – including investing in enhanced identity and governance administration (IGA) and privileged access management (PAM) solutions that can secure and govern growing identity ecosystems.