Survey Reveals Need for Real-Time Identity and Access Intelligence
A survey of IT managers shows gaps in access risk management programs, but also reveals that IT managers are very aware of their needs and what they have to do to address them.
When asked to define risks to their organization, the majority of IT managers define their top risks as the potential loss of sensitive data, corporate reputation, intellectual property or revenue. Yet only 12 percent conduct reviews more than monthly to certify that user access poses no risk to those assets. They also struggle with the challenge of identifying what their biggest access risks are and the need to develop and execute processes specifically aimed at managing them. More than 60 percent of IT managers review user access privileges only four times per year or less, and those reviews only ensure companies are observing security and audit best practices. They’re not focused on identifying new or growing areas of access risk from internal users abusing privileges. With internal and external threats to data multiplying quickly, such infrequent reviews aren’t keeping pace with the growth of user access risk levels.