80% of organisations say infrastructure access is top strategic priority
StrongDM, the infrastructure access platform, announced the results of a new survey of 600 DevOps professionals in 2022: The Year of Access.
As organisations look to embrace modern approaches to security in 2022, the survey has revealed that access management is one of the most crucial factors to achieving this goal. The data showed that 80% of organisations are looking to address access management as a strategic initiative over the next 12 months, highlighting the need to secure and streamline infrastructure-wide access controls as a prerequisite to other initiatives, like Zero Trust.
"Whether its ransomware, breaches, or just about any other type of security issue, virtually all begin at the same place access," says Tim Prendergast, strongDM CEO.
"The combination of legacy approaches, new technologies, and ever evolving organisations has made the process for getting access to infrastructure and systems long and arduous. It also makes implementing new security initiatives, such as Zero Trust, impossible without first addressing the pervasive and profound challenges associated with legacy access management," he says.
The data report reveals unsecure access management practices that make it difficult to track and audit users and permissions of critical business systems, including:
Technical staff at 93 percent of organisations have access to sensitive systems.
65 percent of organisations use shared logins; 41 percent use shared SSH keys.
Moreover, the report finds that legacy access processes create severe team inefficiencies, requiring intensive time and resources, and blocking agile development practices:
88 percent of organisations require two or more employees to review and approve access requests, taking days or weeks to fulfill.
Respondents cite their biggest challenges as the time required to request and grant access (52 percent), and the task of assigning, rotating, and tracking credentials (51 percent).
These challenges are further exacerbated as the number of employees and systems increase, with access requirements growing beyond human scale even before companies reach the mid-sized stage.
While many tools exist to connect users to applications, similar tools for infrastructure access remain elusive. This is due to the complexity of modern infrastructure, encompassing everything from legacy mainframes to multi-cloud environments, and the inexorable emergence of new technologies such as Kubernetes and containers.
These challenges extend across a company's entire technology stack, as respondents listed cloud providers, databases, data centers, and servers among the most challenging tools for access management. Further complicating access is that these technologies are additive - legacy tools continue in production while new tools are added. The result is an access challenge with ever-increasing complexity.
2022: The Year of Access report was produced by strongDM. The data is a result of an online survey of DevOps professionals conducted by Pollfish. A total of 600 participants, representing organisations of virtually every size, responded to the survey in September and October 2021.