Identity Security Trends - gatepointresearch.com · SailPoint, the leader in enterprise identity...

Copyright ©2020 Gatepoint Research. All rights reserved. This report is the sole property of Gatepoint Research and may not be used, reproduced or redistributed in any form including, but not limited to, print & digital form without express written consent of Gatepoint Research.

Summary Results | 2020

Identity Security Trends

Sponsored by

Summary Results | 2020Copyright ©2020 Gatepoint Research. All rights reserved. This report is the sole property of Gatepoint Research and may not be used, reproduced or redistributed in any form including, but not limited to, print & digital form without express written consent of Gatepoint Research.

Survey Summary▶ From September 2019 to 2020, Gatepoint Research invited select executives to participate in a survey

themed Identity Security Trends.

▶ Participants were invited via email, with 315 executives’ responses to date.

▶ Participants profile: IT senior decision makers: 8% hold the title of CxO; 17% are vice presidents; 47% are director level; 28% are manager level.

▶ Industry representation includes business services, construction, consumer services, education, financial services, healthcare, manufacturing, mining, public administration, retail, telecom services, transportation, utilities, and wholesale trade.

▶ Participants representing firms:

§ 29% work in Fortune 1000 companies with revenues over $1.5 billion;

§ 19% work in Large firms whose revenues are between $500 million and $1.5 billion;

§ 13% work in Mid-Market firms with $250 million to $500 million in revenues;

§ 39% work in Small companies with less than $250 million in revenues.

▶ 100% of responders participated voluntarily.


Executive OverviewIdentities on the network can create havoc if left unmonitored. Governance policies and procedures focus on three questions: Who has access to what? Should they have access? How is that access being used? What are organizations doing to address those questions and control every identity and system on the network to protect valuable assets?

This survey asks respondents to report:

▶ How has their IT infrastructure changed in the last few years?

▶ Can they view every identity and system?

▶ Are they confident their digital identity governance policies are solid?

▶ What challenges do they have, and what capabilities would they like to see in the future?

▶ What governance solution capabilities would drive a budget decisions?


In what way has your organization's technical infrastructure changed in the last five years?

The most significant technical infrastructure changes in the past 5 years include dramatic growth in cloud adoption (73%), adoption of SaaS solutions (62%), and a proliferation in system integrations/APIs (57%). Less growth is seen in using robotic process automations (RPAs) and/or bots (23%).

73%

62%

57%

46%

29%

23%

3%

0% 10% 20% 30% 40% 50% 60% 70% 80%

We are adding workloads to the cloud

We are using more SaaS solutions

We have increased system integrations/APIs

We have increased the level of automation in our securityenvironment

We have gone through a merger/acquisition

We are using more robotic process automations (RPAs)and/or bots

Other


Are you able to view and control every identity and system throughout your organization?

While 20% of respondents say they can see all their identities and systems, the majority of respondents (59%) can only see some of the structure, and 14% have no visibility.

No14%

Some, but not all59%

Yes, completely

20%

I'm not sure7%


How regularly do you review and update identity policies and/or processes?

Identity policies and/or processes are reviewed throughout the year by 60% of the responders. 36% review annually or less frequently, and a surprising 4% never review these policies and processes.

7%

17%

24%

12%

36%

4%0%

5%

10%

15%

20%

25%

30%

35%

40%

Weekly Monthly Quarterly Twice annually Annually, or lessfrequently

Never


How confident are you that your digital identity governance policies are enforced by your current solution? Rate 1 to 5, 1=Not at all confident, 5=Extremely confident

Only 11% of respondents are extremely confident that their current solution enforces their identity governance policies. 13% have little to no confidence.

Extremely confidentNot at all confident

3%10%

34%

41%

11%

0%

5%10%

15%

20%

25%30%

35%

40%45%

1 2 3 4 5


Do you experience any of these challenges with your current identity governance program?

Manual processing is the #1 problem in 58% of responders’ identity governance programs, but a close second is entitlement creep at 54%. Not as startling but significant is the challenge of audit reporting or access re-certifications and ghost users.

58%

54%

47%

43%

14%

12%

0% 10% 20% 30% 40% 50% 60% 70%

Manual processing, e.g., provisioning, passwords, andpermissions

Entitlement creep (i.e. people moving roles and retainingprevious access)

Audit reporting/access re-certifications

Orphaned accounts (ghost users)

New or unknown bots and other digital identities

Other


What capabilities are most important in your identity governance solution?

Visibility and tracking of every identity and system in the infrastructure is the most important capability for an identity governance solution, say 69% of respondents. Half or more also list the following important capabilities: Automatic risk/security alerts; reporting/analytics (each cited by 57%); automated controls & provisioning, self-serve password and access resets (50%).

69%

57%

57%

56%

50%

47%

32%

3%

0% 10% 20% 30% 40% 50% 60% 70% 80%

Visibility over and tracking of all identities and systems in theinfrastructure

Automatic risk and security alerts

Reporting and analytics

Automated, rule-based controls & provisioning

Self-service capabilities, including password reset and accessrequest

Controlling user access to files (e.g. unstructured data)

Integration with other legacy systems (such as mainframes) inaddition to new technologies

Other


When it comes to securing budget, what business drivers are most important?

More than two thirds of responders cite risk reduction as a primary driver for securing budget dollars. 54% say improvements for users and IT for better productivity and operational efficiency are important. Other drivers include improved compliance, automation, and, of course, quick ROI.

68%

54%

48%

40%

35%

3%

0% 10% 20% 30% 40% 50% 60% 70% 80%

Risk reduction

Improved user and IT productivity/operational efficiency

Improved compliance

Automation of manual tasks

Quick return on investment

Other


Profile of Responders:Company Revenue

29% of those surveyed work in Fortune 1000 companies with revenues over $1.5 billion.

>$1.5billion29%

$500 million -$1.5 billion

19%$250 - 500 million13%

<$250 million39%


Profile of Responders:Job Level

71% of those surveyed hold director or executive level positions in their organizations.

CxO5%

VP18%

Director48%

Manager29%


SailPoint, the leader in enterprise identity governance, delivers security, operational efficiency and compliance to enterprises with complex IT environments.

Learn more at sailpoint.com

https://www.sailpoint.com/

Date post:	26-Sep-2020
Category:	Documents
Upload:	others
View:	2 times
Download:	0 times

Identity Security Trends - gatepointresearch.com · SailPoint, the leader in enterprise identity...

Documents