Dark Reading is part of the Informa Tech Division of Informa PLC

8/22/2019
10:30 AM
John Bennett
Commentary

5 Identity Challenges Facing Today's IT Teams

To take control over your company's security, identify and understand the biggest identity and access management challenges facing IT teams today and start addressing them.

The business landscape is transforming, along with a workforce that is increasingly modernizing where and how it wants to work. Employees expect access to the tools they need anytime, from any device. As a result, IT teams are increasingly challenged to manage remote employees, give out user access, and secure company data. The hardest part is balancing multiple, often competing priorities: reducing cost, user experience, efficiency, effectiveness, and security.

To take control over the security of your organization, it's important to identify and understand the biggest identity and access management challenges facing IT teams today and how to start addressing them. 

1. Managing a Digital Workforce
Now that millennials make up a larger portion of the workforce, the turnover rate has increased. That brings challenges for IT, including more time spent setting up new employees with computers and access to work-essential applications, increased pressure to complete this setup quickly so the employee can focus on valuable work, and the need to securely manage and control access from the start.

This modern workforce is mobile and remote, so employees expect access to their apps and devices from anywhere. IT must find a way to determine who is accessing what data, on which device, on which network. Each new touchpoint opens the door to increased risk, especially those third-party apps not approved or set up by IT, so it's vital that access is securely managed.

2. Balancing Ease of Use and Security
When it comes to managing identity, two elements are at play. IT teams are focused on securing data and protecting the company from a data breach. On the other side, employees want to get their work done quickly and easily. Identity technology must manage each user identity in a way that meets these requirements of both ease of use and security. Any added tools and processes just add complexity to employees' workday, which affects productivity, while reduced security opens the business up to risk of breaches and insider threats.

Ease of use is particularly important and is even driving key business decisions — if a product doesn't meet an end user's standards, it won’t be used.

3. Prioritizing Passwords
Account lockouts, forced password resets, and regular password rotation can only lead to frustration. They're also expensive and pull IT and employee resources away from day-to-day responsibilities. Recent research we sponsored found that, on average, IT teams spend four hours per week on password management-related issues alone and receive 96 password-related requests per month. In addition to the resource drain, this often results in employees resorting to poor practices such as password reuse, documenting passwords in a spreadsheet or note on a phone, and emailing or sharing passwords. Each weak or shared password presents a risk to the company; it can result in a data breach and loss of company data.

4. Addressing Gaps in Technology
As more employees bring new tools into the workplace, IT can get left out of the loop on critical applications that entire teams may use to manage company data. This, on top of juggling numerous approved tools and apps (including legacy, on-premises, cloud and mobile apps), makes it difficult for IT to know which are in use within the business, leaving them unable to protect the company data within.

Having the right tools in place enables IT to set up a more holistic security system and maintain that system going forward. Recent research shows that rather than investing in piecemeal solutions, 93% of IT professionals agree that bringing the various aspects of identity and access management under one solution would greatly benefit the overall security of the organization.

5. Determining the Costs of Applications and Services
When budgets and employee resources are tight, justifying the investment for additional security tools isn't always easy. IT teams feel pressure to find the most cost-effective solution that optimizes both user experience and security, without utilizing too many resources.

Not investing in security really isn’t an option, given that costs to a business could be even greater. The average total cost of a data breach in the United States last year was nearly $8 million, and 82% of IT professionals in our recent survey said their business was exposed to a risk as a result of poor identity and access management practices, including loss of employee data (36%), loss of customer data (33%), and financial losses (26%), to name a few.

Take Control of Your Organization's Security
To manage identity in your organization, first identify what success looks like and set goals. Having goals means you can present them to stakeholders to ensure you're all on the same page. Next, look at the systems in use at your company; are they cloud, homegrown, on-premises? Determine which ones you're committed to keeping versus those you want to replace. Once your goals and parameters are set, you need a team with a stake in success — this includes both leadership buy-in and employees from across departments who can test the solution for ease of use. While these five challenges exist, with the right solution in place, managing access and increasing security is simple.


John Bennett serves as Senior VP and General Manager of LogMeIn's Identity and Access Management business unit. In this role, he is responsible for the general management and business development of all LogMeIn IAM products, including market-leading password manager, ...
Comments
AndrewfOP
User Rank: Strategist
8/23/2019 | 9:52:34 AM
Another strike against password rotations and many, many passwords
"...IT teams spend four hours per week on password management-related issues alone and receive 96 password-related requests per month... results in employees resorting to poor practices such as password reuse, documenting passwords in a spreadsheet or note on a phone, and emailing or sharing passwords...."

This is why I never believe in password rotation or multiple passwords for essential systems. Critical systems should be unified so user behaviors could be tracked for potential security breaches, inside or outside of the companies. Passwords are likely to stay with us for the foreseeable future. Biometrics and other latest user identifications are not exactly hack-proof. However, users doing what they are not supposed to do, that's easy to spot.