Identity management difficulties continue to plague IT departments

Centralizing and managing identity data remains a low priority for many IT decision-makers, according to a new study.

cso security access granted breach hack identity theft gettyimages 1191670668 by reklamlar 2400x160
reklamlar / Getty Images

A survey released Monday by Gartner and identity management vendor Radiant Logic indicates that most companies are suffering from complicated credential and identity issues, but few are taking steps to address it.

The issue, according to Radiant Logic, is what it calls “identity sprawl”—businesses require identification and credentialling for an increasingly large number of systems these days, meaning that a given user might have one login for the HR system, another for one set of shared assets on the company network, another still for an official Microsoft account, and so on.

Beyond being a headache for employees, Radiant Logic said this is a serious issue for IT departments for several reasons, not least of which is the complexity of managing identity across all the associated systems.

“The lack of visibility and control across all these systems creates the opportunity for identity-driven cyber-attacks—offering more opportunities for misuse or negligence by individuals (employees, former employees, contractors, partners) and opening the door for cybercriminals to take advantage and move laterally throughout an organization,” the company said in a press release.

ID issues costly to manage, IT pros say

The survey, which covered 100 IT decision makers from around the world, found that 67% of respondents were both aware of the potential problems caused by overcomplicated identity management and unaware of how to address them, while 61% said that the issue is “too time-intensive and costly” to manage.

The scale of the problem, at some companies, is difficult to overemphasize, according to Radiant Logic. Sixty percent of respondents said that the average user has more than 21 disparate identities across their companies systems, and two-thirds of respondents said that the issues cause technical debt and, of course, frustration in the workforce.

Employee frustration, poor security and technical debt are all interrelated, the company noted. It’s increasingly difficult to prevent workers from reusing workplace credentials for personal applications, making them less secure, but it’s also increasingly commonplace.

“IT leaders are concerned about budget constraints, employee frustration, and poor identity management practices,” the survey’s authors wrote. “Meanwhile, employees are frustrated because they can’t access the resources they need—leading to wasted time, reduced productivity, and depleted support.”

Other data points in the survey included the fact that the biggest identity-related complaint from the respondents is systems having poor integration with new tools and applications, at 71%—and an identical percentage said that they didn’t have sufficient budget to pursue identity-related projects.

Copyright © 2022 IDG Communications, Inc.

7 hot cybersecurity trends (and 2 going cold)