Security is the number one reason why IT professionals implement single sign-on (SSO) and identity and access management (IAM) technology, according to new research from Symplified, the leader in Identity-as-a-Service for the hybrid cloud. The average organization now manages thousands of employee, customer and partner identities through dozens of on-premises and cloud-based apps, but the IAM and SSO solutions they are using have left them vulnerable to data breaches and hindered visibility into application usage.
Surveying 200 U.S. IT professionals at organizations of all sizes, Symplified found:
- · 70% of respondents said security was the primary reason for adopting IAM and SSO, ahead of user convenience and supporting mobile access
- · The average organization now manages up to 50 on-premises applications -- two times the number of cloud-based applications currently managed
- · Only 37% of organizations with existing IAM and SSO solutions have visibility into details like what files users are downloading while logged into applications locally or remotely
- · 59% have experienced unauthorized data access by a user whose account remained active when it should have been de-provisioned
- · 71% replicate user data in the cloud with their IAM and SSO solutions, including passwords and birth dates, which introduces the unnecessary risk of placing sensitive user data outside the organization’s control
“Businesses are increasingly running on a mix of on-premises and cloud-based applications, and it’s great to see they recognize the need to secure the customer, partner, contractor and employee data flowing through them,” said Shayne Higdon, president and CEO of Symplified. “However, among the IT professionals with some form of IAM and SSO in place, our findings showed widespread issues with compliance and auditing, account de-provisioning, and replication of sensitive data in the cloud – all inherent risks associated with using services that are designed for user convenience and don’t take a holistic approach to Identity-as-a-Service (IDaaS).”
A comprehensive IDaaS solution mitigates these security and compliance risks by providing IT with a proxy-based solution that delivers a detailed audit trail of how apps are being used locally and across mobile devices in the era of BYOD. It also gives IT centralized management and control to automatically enforce policies based on roles and attributes defined in user directories, and instantly de-provision accounts across all applications when a user leaves an organization. Users are also provided with a centralized, single access point to all their applications which not only delivers convenience but also prevents them from entering applications through “side doors” to evade IT monitoring and control.
Additionally, the most effective IDaaS solution serves as an identity bridge, managing employee, customer, contractor and partner identities and access across any device or application, located on-premises or in the cloud, by leveraging existing on-premises identity stores without any unnecessary user data replication.
Additional IDaaS research findings:
The primary reasons why IT adopts IAM and SSO:
- · 70% with a solution in place reported security was their primary motivation for implementation
- · 51% cited IT resource reduction, while 49% cited convenience/user experience and 43% cited automating user provisioning
- · Additional reasons: Supporting mobile access (43%), compliance (42%), usage auditing (41%) and strong authentication (31%)
- · 74% of respondents without IAM and SSO solutions in place plan to implement one within the next 24 months, citing security (50%), IT resource reduction (39%), user convenience (32%), and strong authentication (32%) as top reasons
Bridging identities and applications on-premises and in the cloud:
- · 31% of IT professionals surveyed manage up to 50 on-premises applications; 28% manage as many as 500
- · 26% manage up to 25 cloud-based applications; 20% manage as many as 50
- · 98% are managing employee user identities via IAM and SSO solutions, managing on average up to 1,000 employee identities
- · 93% are managing customer user identities, with the average respondent managing up to 2,500 customer identities
- · 96% are managing partner user identities, with the average respondent managing up to 1,000 partner identities
Employee, customer and partner data is being put at risk as it is replicated in the cloud:
- · IT professionals surveyed who manage employee identities reported their IAM and SSO solutions replicate the following data in the cloud: Username (88%), password (86%), full name (55%), and birth date (35%)
- · Those managing partner identities reported their IAM and SSO solutions replicate the following data: Username (80%), password (77%), full name (77%), and birth date (25%)
- · Those managing customer identities reported their IAM and SSO solutions replicate the following data: Username (78%), password (70%), full name (53%), and birth date (23%)
Research methodology: Between February 7-11, 2013, 200 IT professionals at US-based companies ranging in size and industry completed a web-based survey commissioned by Symplified from Qualtrics. Respondents were IT decision makers (43%), CIOs (37%) and IT administrators (21%). At the 95% confidence level the margin of error is +/- 6.3 percentage points.
Symplified enables IT organizations to simplify user access to applications, regain visibility and control over usage and meet security and compliance requirements. Symplified provides single-sign-on, identity and access management, directory integration, centralized provisioning, strong authentication, mobile device support and flexible deployment options. Symplified is headquartered in Boulder, Colorado, and can be found online at www.symplified.com.