The COVID-19 pandemic has forced all of us to rethink cybersecurity. The transition to remote work and online service models has brought many cybersecurity vulnerabilities to the forefront. While it has demonstrated our growing dependence on technology, it has also highlighted the importance of security.
Research by Gartner indicates that a majority of legal and compliance leaders believe that the pandemic has increased the risk of cybersecurity incidents and data breaches – and yet, many enterprises often lag behind in complying with cybersecurity rules and regulations.
Also, with companies largely dependent on remote work, the adoption of cloud-based applications has seen a fast and steady increase, even faster than the implementation of the protocols needed to use them safely. As a result, there is tremendous pressure on the CIOs and CISOs of organizations to scrutinize existing IT and cybersecurity decisions and invest in an enhanced security posture.
In the modern IT environment, data, applications, and devices are no longer bound by the confines of corporate premises or data centers. They are distributed across multiple private and public clouds and the edge. With network perimeters fading away, traditional security frameworks will no longer function the way they used to, putting enterprise data at risk.
How do you protect digital assets in a distributed, perimeter-less environment? Threat actors will continue to target devices that are not updated. There has been a staggering increase in ransomware and malware.
One of the fundamentals of protecting digital identities is securing machine identities. Machine identities are digital certificates that serve as proof of a machine’s authenticity on a network. These certificates help validate machines’ identities and enable them to communicate securely with other devices and applications on the network through encrypted channels.
AppViewX commissioned market research specialist Vanson Bourne to undertake a quantitative study to determine some of the key complexities organizations face in managing digital identities, how to overcome such challenges and the way forward. The research process involved interviewing more than 1,000 IT security decision makers in organizations of 1,000 or more employees across private and public sectors and across geographies.
The Challenges of Machine Identity Management
The lack of a defined system to manage identities is simply a synonym for mismanagement. And the effects of mismanagement are often manifold. After all, just one expired certificate paints a target on the entire network for hackers to infiltrate and abuse.
The study revealed that 61% of enterprises lack knowledge of their certificates and keys, making them ill-equipped to manage their machine identities effectively. The impact of this was resounding too, with 55% of these enterprises reporting cybersecurity breaches and 35% stating they experienced organization-wide system outages.
How are organizations responding to such challenges?
“Positively, while many organizations are struggling to have full awareness of certificates and keys across their digital assets, there is strong belief that implementing the right solution would provide tangible benefits, and the vast majority (87%) agree that a robust certificate lifecycle management tool would eliminate outages in their organization. With outages potentially causing disruption to workflows, financial repercussions and damage to customer relationships, the case for improvements to be made is clear.”
“With the benefits of using the right Machine Identity Management solution being so clear, it is promising to note that many are indicating that they are committed to ensuring their solutions are up to task. The vast majority of respondents (90%) say Machine Identity Management is a top or high priority in their organization.”
93% of organizations with 1,000-2,999 employees are greatly prioritizing machine identity management, compared to 89% of organizations with 3,000-4,999 employees and 87% of organizations with more than 5,000 employees.
The study further sheds light on the various factors that lead enterprises to improve their machine identity management solutions. From increased IoT deployments and monitoring their certificates to improving compliance with regulations, the reasons were plentiful. Many organizations just wanted a simple, easy-to-manage solution, while others were responding to a breach or attack they had recently faced due to poorly managed certificates and keys.
Alongside the factors driving this change, it was important to cover the challenges these organizations face as they attempt to implement these solutions. While some organizations reported facing considerable complexity in implementing machine identity management solutions across all areas of their IT infrastructure, other organizations (especially smaller ones) experienced difficulty in getting the right skill set in their IT security teams to manage these solutions. Budget and compliance concerns were also reported as tangible challenges.
The path forward
The final phase of the study provided an outlook on the next generation of machine identity management solutions. It asked what organizations expect from these solutions and found a diverse yet common thread among the answers.
The areas organizations considered essential included automated machine identity management workflows, deployment of solutions in hybrid/multi-cloud environments, and the option of consuming machine identity-as-a-service.
“94% of organizations believe in cost savings from automating machine identity management workflows while 57% see automated machine identity management workflows as essentials of a next-generation solution.”
The crux of the Vanson Bourne study has been to develop a better understanding of the approach organizations have towards managing machine identities today. Ideally, a machine identity management system should act as a central hub via which organizations can:
- gain complete visibility into the identity ecosystem
- manipulate every aspect of the identity ecosystem from a single interface
The ideal machine identity management solution enables the implementation of a structured governance process within an organization. It formalizes and documents every activity in the system – from requesting certificates and certificate signing requests to zero-touch renewals (the ability to renew a certificate without having to use the certificate authority’s interface) and enforcing the presence of an audit trail. It also allows for dynamic, real-time monitoring of the identity ecosystem, enabling rapid troubleshooting and issue remediation. The importance of user-definable automation capabilities and custom workflows cannot be ignored.
The future of security lies in machine identity management, and organizations need to shift focus to make machine identity management an integral part of their cybersecurity strategy.