Rapid growth of workforce identities poses new data security risks
Identity access management is hindered by a lack of organizational alignment, as workforce identities pose increasing risk. That’s among the findings of a new study by the Identity Defined Security Alliance (IDSA), an industry group that helps organizations leverage existing cyber security investments to establish a stronger security posture.
The report, “The State of Identity: How Security Teams Are Addressing Risk,” is based on an online survey of 511 IT security professionals in the U.S. conducted by Dimensional Research, and shows that 52 percent of the organizations surveyed have experienced a five-fold increase in the number of workforce identities. The rise is being driven primarily by mobile and cloud technology.
All of the survey respondents agree that a lack of strong IAM practices introduces security risk. Security leadership also cares “much more” about IAM now than ever, with importance anticipated to continue to increase over the next five years.
Despite the apparent understanding of risk, however, only half of IT security professionals said their security team has any level of ownership for workforce IAM. And less than one quarter (24 percent) said their teams have “excellent” awareness of their company’s identity strategy.
"With the majority of today’s breaches tied to compromised credentials and the number of credentials skyrocketing, IAM is a critical and complex issue that spans many organizational teams, requiring a strategy around people, processes and technology,” said Julie Smith, executive director of the IDSA.
“The findings highlight that addressing identity security through integrated technologies is only one piece of the puzzle,” Smith said. “Without collaboration amongst all stakeholders and a clear understanding of responsibilities and handoff points, identity incurs greater risk.”