Story image

SailPoint releases first identity annual report

14 Dec 2018

Enterprise identity governance provider Sailpoint Technologies has released the 2018 Identity Report, a benchmark for the industry.

In 2017, SailPoint launched a free assessment tool to help identify areas of exposure for companies, which automatically computed an “Identity Score” based on its results. 

After analysing hundreds of completed self-assessments and the correlating Identity Scores, SailPoint found that while the majority of organisations have an identity program in place, there is still much work to be done to address holes in their security programs. 

SailPoint corporate marketing vice president Kari Hanson says, “IT leaders are struggling to secure an increasingly complex IT environment, driven by the need to govern a diverse population of users, now including non-human users like software bots, as well as an explosion of both applications and data.”

“Our goal with the Identity Report, coupled with individual Identity Scores, is to provide IT leaders with a roadmap to systematically improve their security and compliance programs.”

In order to adapt to their own digital transformation, organisations are now starting to put access control front and centre in their security strategy to properly monitor who has access to what applications and data.

SailPoint’s Identity Report showed that 54% of organisations have an identity program in place.

However, SailPoint’s research found that many organisations are lacking maturity in their governance processes over identities.

Just 20% of organisations have visibility over all of their users, and seven percent have no visibility over their users at all.

Not only is this a compliance requirement for organisations today, but this puts IT teams in the impossible position of trying to secure what they cannot see.

Further, 88% of organisations are not properly governing access to data stored in files, including such common formats as Excel and PowerPoint.

In fact, only one in 10 organisations are monitoring and governing their users’ access to data in files. By leaving the corporate data stored in files and folders unmonitored and ungoverned, organisations are leaving a gaping hole in their security programs.

While the Identity Report exposes areas of risk, it also highlights an opportunity for most organisations.

Today, only 10% of organisations have fully automated identity processes in place, although many companies are working toward increased efficiencies.

For already-lean IT teams, an identity governance platform provides the visibility and control required to automate employee-driven processes like password management and access request.

This frees IT staff to focus on other risk areas and ensures employee productivity.

“The ultimate goal of any identity program is to efficiently deliver access to users, securely and confidently,” says Hanson.

“When enterprises are able to see, understand and govern their users’ access to all business applications and data, they are better protected against potential threats.

“This turns identity into a business enabler for organisations, helping them to properly secure and govern all of their digital identities at the speed of business today.”

 

Survey: IT pros nostalgic over on-prem data centre visibility
There are significant security and monitoring challenges faced by IT staff responsible for managing public and private cloud deployments.
61% of CIOs believe employees leak data maliciously
Egress conducted a survey to examine the root causes of employee-driven data breaches, their frequency, and impact.
Opinion: BYOD can be secure with the right measures
Companies that embrace BYOD are giving employees more freedom to work remotely, resulting in increased productivity, cost savings, and talent retention.
Sonatype and HackerOne partner on open source vulnerability reporting
Without a standard for responsible disclosure, even those who want to disclose vulnerabilities responsibly can get frustrated with the process.
OutSystems and Boncode team up for better code analysis
The Boncode and OutSystems alliance aims to help organisations to build fast and feel comfortable that the work they're delivering is at peak quality levels.
Nuance biometrics fight back against fraud
Nuance Communications has crunched the numbers and discovered that it has prevented more than US$1 billion worth of fraud from being passed on to users of its Nuance Security Suite.
SIS announces a partnership with Platform 4
“We are looking forward to a strong future in the New Zealand security industry with this global giant as our strategic partner."
Attacks targeting Cisco Webex extension explode in popularity - WatchGuard
WatchGuard's Internet Security Report for Q4 2018 also finds growing use of a new sextortion phishing malware customised to individual victims.