Enterprises waste money on identity tools they don’t use

Misguided enterprise investment in multiple identity tools is proving insufficient in defending against today’s threat landscape, according to One Identity.

96% of companies report using multiple identity management tools, with 41% deploying at least 25 different systems to manage access rights. However, 70% of companies reported they’re paying for identity tools they’re not actively using. This investment in multiple disparate identity tools is having a direct impact on their overall security posture.

Companies have acquired multiple identity tools to deal with the surge in digital identities (or digital profiles accessing enterprise data and applications), creating identity sprawl that weakens their cybersecurity postures. 52% of companies manage more than 10,000 identities, which include access rights given to employees, devices, machines, digital identities, and customers.

“Legacy approaches to identity and access management have caused organizations to adopt multiple identity solutions, and the lack of interoperability between these tools has a direct business and security impact,” said Mark Logan, CEO of One Identity.

He added, “Our research shows that organizations see the negative impact that multiple, fragmented identity tools have on their business. By shifting security professionals’ mindset from a disparate, tool-based approach to a platform approach, businesses can improve their identity security defenses to protect against the modern threat landscape.”

Among other key findings from the survey:

The need for shoring up identity-based defenses is significant. Nine in 10 organizations were hit by an identity-based attack in the last year, with almost 70% of companies experiencing a phishing attack. According to 80% of respondents, better identity management tools could have prevented the impact of many such attacks.

Essentially all companies (99%) report that identity tool inefficiencies have a direct cost on their business. In fact, 42% of businesses report that those inefficiencies are costing businesses over $100,000 per year.

The deployment of multiple identity management tools impacts security posture and drains productivity. Consider that for those with multiple tools:

• 44% reported increased risk due to potential gaps in coverage
• 46% reported IT admins are spending too much time managing redundancies
• 46% reported IT admins are managing too many tools to gain in-depth expertise in any of them
• 41% report that IT team’s productivity is lower because they have to learn similar tasks across multiple systems

The good news is that companies are looking to improve their identity security, with an overwhelming 90% of companies surveyed planning to consolidate their security or identity management tools. Of that 90%, more than half plan to do so in the next year. More than half (54%) of respondents also believe that a unified identity platform for access and identity management would benefit their organization’s identity management strategy.