Only 24% of companies know where their cloud apps are and who can access them

identity orchestration company layer identity announced the findings of the third annual multi-cloud identity report conducted by Osterman Research.

The study surveyed 308 IT leaders and decision makers from North American organizations with annual revenues of US$100 million or more on their challenges and priorities for managing identities in multi-cloud environments.

According to the report, the percentage of organizations using a single cloud identity provider (IDP) has decreased from 30% to 20% since last year. The remaining 80% currently use multiple IDPs to manage their enterprise identities. Given this fragmentation, the top three cloud security concerns for enterprises are lack of visibility into access policies (67%), identity-based threats (65%), and compliance with data privacy regulations (56%). is.

“With more and more identity systems being used for user management, organizations are losing visibility and control over identity and access policies,” said Michael Sampson, principal analyst at Osterman Research. Stated. As such, improvements to Identity’s infrastructure, intended to facilitate improvements in corporate cybersecurity posture, have been counterproductive and lead to complexity overload.

“Lack of visibility into existing access policies means companies are acting blind, not knowing where their apps are hosted or who has access to their data. In our opinion, the rapid adoption of multi-cloud has elevated this issue to a critical state.”

of The State of Multicloud Identity Report 2023 — Complexity is the Enemy of Identity Protection is available here.

Report highlights

The State of Multi-Cloud Identity Report 2023 explores how multiple clouds and identity platforms are impacting identity and access policy management, creating security and operational challenges, and why identity professional talent It focuses on whether shortages prevent organizations from meeting these challenges. Key findings include:

• Three-quarters (76%) of organizations say they have access policies and applications across multiple cloud platforms (what access policies exist, where applications are deployed, who has access, and who has access). have, etc.) is not fully understood.
• Over half (56%) of businesses do not have a single version of the truth about identities and their associated attributes, raising concerns about duplicate identities and the potential for unauthorized access and compromised credentials.
• Fewer than half (41%) of the companies surveyed said they could enforce consistent access policies to mitigate identity and security risks. This is down from 55% last year and a 25% decrease year-over-year.
• 60% of organizations do not have the resources or time to rewrite their old and outdated applications to support modern identity protocols and work with cloud identity systems that offer enhanced security controls such as passwordless authentication. there is no.
• 78% of organizations do not have access to the source code needed to update their applications to use modern identity systems.

Strata Identity CEO Eric Olden said: “This report shows how the additional mix of identity providers and technologies is leading to inefficiencies in access policy management and increasing security and compliance risks for both cloud and on-premises resources. Masu.

“Identity orchestration integrates disconnected and disparate IAM systems, tools, and processes into an identity fabric. It enables organizations to dynamically add new identity services and unify management across multiple cloud and hybrid environments. It will be like this.”

Want to learn more about cybersecurity and the cloud from industry leaders? Checkout CYBER SECURITY & CLOUD EXPO It will be held in Amsterdam, California and London. Check out other upcoming enterprise technology events and webinars from TechForge here.

tag: identity, safety, layer identity