Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Endpoint //

Authentication

8/22/2019
10:30 AM
John Bennett
John Bennett
Commentary
Connect Directly
LinkedIn
RSS
E-Mail vvv
50%
50%

5 Identity Challenges Facing Today’s IT Teams

To take control over your company's security, identify and understand the biggest identity and access management challenges facing IT teams today and start addressing them.

The business landscape is transforming, along with a workforce that is increasingly modernizing where and how they want to work. Employees expect access to the tools they need anytime, from any device. As a result, IT teams are increasingly challenged to manage remote employees, give out user access, and secure company data. The hardest part is balancing multiple, often competing, priorities of reducing cost, user experience, efficiency, and effectiveness, as well as security.

To take control over the security of your organization, it's important to identify and understand the biggest identity and access management challenges facing IT teams today and how to start addressing them. 

1. Managing a Digital Workforce
Now that millennials make up a larger portion of the workforce, the turnover rate has increased. That brings challenges for IT, including more time spent setting up new employees with computers and access to work-essential applications, increased pressure to complete this setup quickly so the employee can focus on valuable work, and the need to securely manage and control access from the start.

This modern workforce is mobile and remote, so employees expect access to their apps and devices from anywhere. IT must find a way to determine who is accessing what data, on which device, on which network. Each new touchpoint opens the door to increased risk, especially those third-party apps not approved or set up by IT, so it's vital that access is securely managed.

2. Balancing Ease of Use and Security
When it comes to managing identity, two elements are at play. IT teams are focused on securing data and protecting the company from a data breach. On the other side, employees want to get their work done quickly and easily. Identity technology must manage each user identity in a way that meets these requirements of both ease of use and security. Any added tools and processes just add complexity to employees' workday, which affects productivity, while reduced security opens the business up to risk of breaches and insider threats.

Ease of use is particularly important and is even driving key business decisions — if a product doesn't meet an end user's standards, it won’t be used.

3. Prioritizing Passwords
Account lockouts, forced password resets, and regular password rotation can only lead to frustration. They're also expensive and pull IT and employee resources away from day-to-day responsibilities. Recent research we sponsored found that, on average, IT teams spend four hours per week on password management-related issues alone and receive 96 password-related requests per month. In addition to the resource drain, this often results in employees resorting to poor practices such as password reuse, documenting passwords in a spreadsheet or note on a phone, and emailing or sharing passwords. Each weak or shared password presents a risk to the company; it can result in a data breach and loss of company data.

4. Addressing Gaps in Technology
As more employees bring new tools into the workplace, IT can get left out of the loop on critical applications that entire teams may use to manage company data. This on top of juggling numerous approved tools and apps — including legacy, on-premises, cloud and mobile apps — makes it difficult for IT to know which are in use within the business, leaving them unable to protect the company data within.

Having the right tools in place enables IT to set up a more holistic security system and maintain that system going forward. Recent research shows that rather than investing in piecemeal solutions, 93% of IT professionals agree that bringing the various aspects of identity and access management under one solution would greatly benefit the overall security of the organization.

5. Determining the Costs of Applications and Services
When budgets and employee resources are tight, justifying the investment for additional security tools isn't always easy. IT teams feel pressure to find the most cost-effective solution that optimizes both user experience and security, without utilizing too many resources.

Not investing in security really isn’t an option, given that costs to a business could be even greater. The average total cost of a data breach in the United States last year was nearly $8 million, and 82% of IT professionals in our recent survey said their business was exposed to a risk as a result of poor identity and access management practices, including loss of employee data (36%), loss of customer data (33%), and financial losses (26%), to name a few.

Take Control of Your Organization's Security
To manage identity in your organization, first identify what success looks like and set goals. Having goals means you can present them to stakeholders to ensure you're all on the same page. Next, look at the systems in use at your company; are they cloud, homegrown, on-premises? Determine which ones you're committed to keeping versus those you want to replace. Once your goals and parameters are set, you need a team with a stake in success — this includes both leadership buy-in and employees from across departments who can test the solution for ease of use. While these five challenges exist, with the right solution in place, managing access and increasing security is simple.

Related Content:

Check out The Edge, Dark Reading's new section for features, threat data, and in-depth perspectives. Today's top story: "You Gotta Reach 'Em to Teach 'Em.

John Bennett serves as Senior VP and General Manager of LogMeIn's Identity and Access Management business unit. In this role, he is responsible for the general management and business development of all LogMeIn IAM products, including market-leading password manager, ... View Full Bio
Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
AndrewfOP
50%
50%
AndrewfOP,
User Rank: Moderator
8/23/2019 | 9:52:34 AM
Another strike against password rotations and many, many passwords
" ...IT teams spend four hours per week on password management-related issues alone and receive 96 password-related requests per month... results in employees resorting to poor practices such as password reuse, documenting passwords in a spreadsheet or note on a phone, and emailing or sharing passwords...."

This is why I never believe in password rotation or multiple password for essential systems. Critical systems should be unified so user behaviors could be tracked for potential security breach, inside or outside of the companies. Passwords are likely to stay with us for the foreseeable future. Biometrics and other latest user identifications are not exactly hack-proof. However, users doing what they are not supposed to do, that's easy to spot.
Mobile Banking Malware Up 50% in First Half of 2019
Kelly Sheridan, Staff Editor, Dark Reading,  1/17/2020
Exploits Released for As-Yet Unpatched Critical Citrix Flaw
Jai Vijayan, Contributing Writer,  1/13/2020
Microsoft to Officially End Support for Windows 7, Server 2008
Kelly Sheridan, Staff Editor, Dark Reading,  1/13/2020
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Write a Caption, Win a Starbucks Card! Click Here
Latest Comment: This comment is waiting for review by our moderators.
Current Issue
The Year in Security: 2019
This Tech Digest provides a wrap up and overview of the year's top cybersecurity news stories. It was a year of new twists on old threats, with fears of another WannaCry-type worm and of a possible botnet army of Wi-Fi routers. But 2019 also underscored the risk of firmware and trusted security tools harboring dangerous holes that cybercriminals and nation-state hackers could readily abuse. Read more.
Flash Poll
New Best Practices for Secure App Development
New Best Practices for Secure App Development
The transition from DevOps to SecDevOps is combining with the move toward cloud computing to create new challenges - and new opportunities - for the information security team. Download this report, to learn about the new best practices for secure application development.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2020-7227
PUBLISHED: 2020-01-18
Westermo MRD-315 1.7.3 and 1.7.4 devices have an information disclosure vulnerability that allows an authenticated remote attacker to retrieve the source code of different functions of the web application via requests that lack certain mandatory parameters. This affects ifaces-diag.asp, system.asp, ...
CVE-2019-15625
PUBLISHED: 2020-01-18
A memory usage vulnerability exists in Trend Micro Password Manager 3.8 that could allow an attacker with access and permissions to the victim's memory processes to extract sensitive information.
CVE-2019-19696
PUBLISHED: 2020-01-18
A RootCA vulnerability found in Trend Micro Password Manager for Windows and macOS exists where the localhost.key of RootCA.crt might be improperly accessed by an unauthorized party and could be used to create malicious self-signed SSL certificates, allowing an attacker to misdirect a user to phishi...
CVE-2019-19697
PUBLISHED: 2020-01-18
An arbitrary code execution vulnerability exists in the Trend Micro Security 2019 (v15) consumer family of products which could allow an attacker to gain elevated privileges and tamper with protected services by disabling or otherwise preventing them to start. An attacker must already have administr...
CVE-2019-20357
PUBLISHED: 2020-01-18
A Persistent Arbitrary Code Execution vulnerability exists in the Trend Micro Security 2020 (v160 and 2019 (v15) consumer familiy of products which could potentially allow an attacker the ability to create a malicious program to escalate privileges and attain persistence on a vulnerable system.