Uptick in cloud-based identity and access management in enterprises - survey
The popularity of cloud-based identity and access management (IAM) adoption in enterprises is on the rise, particularly as enterprise organisations tackle the growing problem of identity sprawl.
According to a survey by ThycoticCentrify, IT decision makers in the United States are quickly turning to IAM and privileged access management (PAM) in cloud environments.
Of the 150 polled decision makers, 89% have implemented best-of-breed solutions for IAM and PAM within cloud environments such as hybrid and multi-cloud.
When asked what benefits cloud brings to their organisation, organisations cite availability, collaboration, cost savings and scalability as benefits, however, 2.67% say there are no significant cost benefits at all.
Organisations are also aware of the risks - the top risk being the challenge of managing multi-cloud environments. This is followed by cybersecurity risks, cloud migration and compliance.
According to the survey, 65% say their business has identified a cyber attack on their cloud environment in the last year. Of those, 80% admitted that at least one attack was successful in compromising their cloud environment, while 16% say no attacks have compromised their environment, and 1% are not sure.
Furthermore, 90% also acknowledge that cyber attacks on their businesses in the last year started because privileged credentials had been compromised.
“Digital transformation, accelerated by many organisations in early 2020, led to a sharp rise in identity sprawl in the enterprise, making credentials more vulnerable to attack than ever before,” comments ThycoticCentrify CEO Art Gilliland.
40% of respondents say that it is still challenging to manage multi-cloud environments, despite acknowledging that the move to the cloud is important. These challenges are compounded by the fact that many respondents use separate IAM tools for each individual cloud environment.
“The considerable adoption of cloud IAM solutions paints a hopeful picture for the future of protecting digital identities. Rather than using disparate tools for each cloud environment, however, companies should optimize their approach with comprehensive IAM and PAM platforms inherently built to control access across all cloud providers and minimise the attack surface,” says Gilliland.
Respondents often rely on their cloud service provider for IAM protection, with 80% admitting they do so, 16.7% refusing to do so, and 3% saying they are unsure.
Organisations use tools such as privilege elevation and delegation management (57%), multi-factor (or two-factor) authentication (53%), and password vaulting (51%), single sign on (35%) and active directory (AD) bridging (25%).
The research was conducted by CensusWide and commissioned by Centrify.