A surge in digital identities creating critical obstacles for businesses
One Identity has released survey findings revealing a significant increase in digital identities globally.
Known as identity sprawl, the phenomenon has been driven by surges in user identities (internal, third parties, and customers), machine identities and new accounts generated by an increase in remote work. Over eight in ten respondents say the number of digital identities they manage has doubled in 2021, and 25% reported a 10x increase during the same period.
In a survey of 1,009 IT security professionals, Dimensional Research found identity sprawl is a critical obstacle to overcome as businesses seek to optimise their overall cybersecurity posture. Half of all companies surveyed reported using 25 or more different systems to manage access rights, with one in five respondents using more than 100.
According to One Identity, the second challenge is the fragmented way most organisations address identity security. Fifty-one percent of respondents say multiple silos yield a lack of visibility regarding who has access to what system.
The result of managing identity security in silos is significant levels of complexity and risk. The research found 85% of organisations have employees with more privileged access than necessary, making it easier for bad actors to exploit unknowing internal stakeholders to gain access to a given organisation.
"Only 12% of professionals are fully confident they can prevent a credential-based attack," says One Identity president and general manager, Bhagwat Swaroop.
"This occurs when attackers steal insider credentials to gain initial access, bypassing an organisation's security measures. Virtually every day, we see a new cyber incident make headlines, in large part because organisations are managing more identities than ever before. They are also unable to attain a 360-degree view of all their identities, which creates gaps, inconsistencies, and expands windows of exposure," he says.
"We've seen first-hand that a holistic identity management strategy is a proven way for organisations to optimise visibility, control and protection."
The survey underscored a trend toward an end-to-end approach for identity security, with half of the respondents stating that an end-to-end unification of identities and accounts is needed to better respond to evolving market conditions. Close to two-thirds of respondents say a unified identity and access management platform would streamline their businesses approach.
Industry practices recognise that as ransomware (66%), phishing (52%), and RPA adoption concerns remain top of mind (94% of organisations who have deployed bots or RPA report challenges securing them), companies must plan to bolster business resiliency where they can. This includes investing in enhanced identity and governance administration (IGA) and privileged access management (PAM) solutions to secure and govern growing identity ecosystems.
Dimensional Research conducted the One Identity-commissioned research, which surveyed 1,009 IT security stakeholders globally between September 8 and September 27, 2021.