Cloud applications are helping to improve organizations’ speed and agility in an increasingly digital world. But they’re also creating significant challenges. In particular, enterprises are struggling to manage access security across their cloud-based and on-premises applications.
To raise awareness of the growing difficulties associated with managing access in the age of the cloud, international digital security company Gemalto has published Identity and Access Management Index 2018. The study, which synthesizes the responses of 1,050 IT decision makers interviewed between September and November 2017, reveals the majority view (54 percent of respondents) that most authentication measures used in the enterprise don’t measure up to those employed by popular websites such as Amazon and Facebook. For that reason, sixty-four percent of IT decision makers want to implement consumer-grade access to cloud services for their employees.
Gemalto’s study reveals that the threat of a security incident affects how most IT decision makers view access management. In fact, nine in 10 respondents to the survey said their organization’s security policies and access management reflects the rise of data breaches against consumer services. Along those same lines, the same percentage of executives (92%) are worried about their employees reusing personal credentials for work purposes.
Many organizations have implemented access controls to address those concerns. For instance, respondents told Gemalto that two-fifths of users in their organization use two-factor authentication to access applications such as VPNs, web portals, and assets hosted in the cloud. Nearly half of respondents (47%) hope to expand the use of 2FA in their organization within the next year.
But there are some obstacles to overcome first. Just forty-three percent of IT decision makers report that their organizations currently use 2FA to secure partners’, contractors’, and other external users’ access to online corporate resources. Most organizations would like to increase user’s mobile ability to access corporate resources, though half of IT decision makers say their security challenges have prevented their employers from doing so.
Francois Lasnier, SVP Identity and Access Management at Gemalto, says executives and senior IT professionals need to tackle those security obstacles head on:
These findings clearly show that IT managers are struggling to balance the need for a simple and easy login experience with security. While there is a need to make things easier for employees, there is a fine line to be walked. IT and business line managers would do best to figure out the risks and sensitivities associated with the various applications used in their organizations and then use access management policies to manage risk and apply the appropriate authentication method. In this way, they can ensure a convenient login experience for their users, while still maintaining access security.
Access management has become important for organizations in the past few years. In Gemalto’s study, almost all (94%) respondents disclosed their belief access management is integral to their decision to adopt new cloud applications. Without it, IT decision makers say numerous issues can arise. Those include the cloud becoming a security fear (52%), IT staff’s time not being used efficiently (39%), and a risk in IT costs (38%).
Lasnier rearticulated the importance of access management for organizations:
The rapid increase of cloud apps has brought organizations lots of benefits, but also caused a high degree of fragmentation in their ability to manage access security across numerous cloud and on-premises applications. Without effective access management in place, this is liable to lead to higher risk of breach, a lack of visibility into access events, regulatory oversite – and hamper organizations’ ability to scale in the cloud.
Learn how Gemalto’s access management solutions can help secure your employees’ and external users’ login experiences.
You can also obtain additional insights from our Identity and Access Management Index 2018.