SecurityBrief Asia logo
Story image

Uptick in cloud-based identity and access management in enterprises - survey

03 May 2021

The popularity of cloud-based identity and access management (IAM) adoption in enterprises is on the rise, particularly as enterprise organisations tackle the growing problem of identity sprawl.

According to a survey by ThycoticCentrify, IT decision makers in the United States are quickly turning to IAM and privileged access management (PAM) in cloud environments.

Of the 150 polled decision makers, 89% have implemented best-of-breed solutions for IAM and PAM within cloud environments such as hybrid and multi-cloud.

When asked what benefits cloud brings to their organisation, organisations cite availability, collaboration, cost savings and scalability as benefits, however, 2.67% say there are no significant cost benefits at all.

Organisations are also aware of the risks - the top risk being the challenge of managing multi-cloud environments. This is followed by cybersecurity risks, cloud migration and compliance.

According to the survey, 65% say their business has identified a cyber attack on their cloud environment in the last year. Of those, 80% admitted that at least one attack was successful in compromising their cloud environment, while 16% say no attacks have compromised their environment, and 1% are not sure.

Furthermore, 90% also acknowledge that cyber attacks on their businesses in the last year started because privileged credentials had been compromised. 

“Digital transformation, accelerated by many organisations in early 2020, led to a sharp rise in identity sprawl in the enterprise, making credentials more vulnerable to attack than ever before,” comments ThycoticCentrify CEO Art Gilliland.

40% of respondents say that it is still challenging to manage multi-cloud environments, despite acknowledging that the move to the cloud is important. These challenges are compounded by the fact that many respondents use separate IAM tools for each individual cloud environment.

“The considerable adoption of cloud IAM solutions paints a hopeful picture for the future of protecting digital identities. Rather than using disparate tools for each cloud environment, however, companies should optimize their approach with comprehensive IAM and PAM platforms inherently built to control access across all cloud providers and minimise the attack surface,” says Gilliland.

Respondents often rely on their cloud service provider for IAM protection, with 80% admitting they do so, 16.7% refusing to do so, and 3% saying they are unsure. 

Organisations use tools such as privilege elevation and delegation management (57%), multi-factor (or two-factor) authentication (53%), and password vaulting (51%), single sign on (35%) and active directory (AD) bridging (25%).

The research was conducted by CensusWide and commissioned by Centrify.

Story image
Video: 10 Minute IT Jams - SonicWall manager dissects zero trust security
Today’s interviewee is SonicWall head of presales for APAC, Yuvraj Pradhan, who discusses various talking points surrounding zero trust security.More
Story image
Imperva advances API security solution with CloudVector acquisition
"Combined with an expanding surface area and novel exploits, all organisations need stronger API visibility and advanced protection."More
Story image
Interpol announces it will join the Coalition Against Stalkerware
The international criminal police organisation Interpol has announced that it will join forces with the Coalition Against Stalkerware, which cybersecurity company Malwarebytes is a part of.More
Story image
CrowdStrike launches integrations to advance NDR for enterprise
"This integration with NDR partners provides mutual customers a comprehensive, holistic cybersecurity solution with enhanced visibility, streamlined detection and response and frictionless automation."More
Story image
Dell Technologies partners with SecureWorks for new security service
The new Dell Technologies Managed Detection and Response powered by Secureworks TaegisXDR provides 24/7 security across endpoint devices, data centre networks and cloud environments.More
Story image
COVID-19 has changed the way companies handle data security
According to data classification company Titus, the rise in remote working under COVID-19 has delivered far-reaching changes in how we do business, with significant implications for CISOs, compliance, and data governance officers. More