Friday, March 09, 2007

Centralized Identity Management Can Help Curb The Insider Threat

It appears that the study I mentioned in the previous post was picked up by Information Week so I'll highlight some of the findings:

  • 64% of the 627 IT pros surveyed say their companies use identity and access management technology.

  • 14% avoid identity and access management because it's too difficult to deploy or because they're content with manual methods of identity management

Not too suprising a number there.

  • About half of the remaining respondents who don't use identity and access management technology say this is because the technology is too expensive

I guess the ISVs need to do a better job and start building some products that don't take 2-10X in services to get installed - and cost less to acquire the software.

  • 13% of respondents have centralized identity and access management

  • 18% of respondents indicated that this information is managed based on geographic location rather than from a central, company-wide location

Interesting. Is it possible for the average enterprise to have more than one identity management solution? Yes. In fact, some of the customers that I met with on my latest leg of the reality tour had more than one solution. Now that's scary!

  • Another top reason (to track employees) is the ability to track the activities of privileged users (e.g., system admin, DBAs) with access to critical applications or databases. About 64% indicated it was "very important" or "important" in providing them the ability to detect and prevent disclosure of confidential or private data.

So 1/3 of respondents didn't think it was that important to track these highly privileged users? Now that's double scary!

Technorati Tags:

No comments: