Although remote work has been a top concern for cybersecurity leaders since the COVID-19 pandemic shifted working environments online, only 28% of surveyed IT security practitioners say their organizations are determining if remote workers are securely accessing the network.

The State of Enterprise Identity report, conducted by the Ponemon Institute and sponsored by Saviynt, surveyed 1,043 information technology (IT) and IT security leaders about identity and access management (IAM) initiatives at their organizations.

According to research findings, 16% of respondents have a fully mature IAM strategy in place, which is characterized by fully operating programs, skilled workers and C-level and board executive awareness. The remainder (84%) are currently dealing with inadequate budgets, programs stuck in a planning phase, and/or lack of senior-level awareness.

Over the past two years, 56% of respondents claim their business had an average of three data breaches or other access-related security incidents. Further, 52% of these respondents claim the breach was due to lack of comprehensive identity controls or policies.

Reduce IAM risks

Enterprise-wide visibility is critical to reducing risks in privileged user access and yet today’s complex enterprise ecosystems only further impede transparency. According to findings, 35% are confident that they can determine privileged users are compliant with policies. The number one reason for lack of confidence in achieving visibility of privileged user access is confirmed by 61% of respondents, citing that they can’t keep up with the changes occurring to their IT resources.

Data shows that 46% of respondents say their business failed to comply with regulations because of access-related issues. Beyond lawsuits and fines, many victims have suffered from loss of revenue, customers, and reputation, but 64% say IT system downtime was the biggest consequence of compliance failures.

Remote & hybrid workers still present security risks, according to the report. Thirty-seven percent of respondents report the number one step to secure the hybrid, remote workforce is screening new employees.

View more report findings here.