5 Things Every Executive Needs to Know About Identity And Access Management Posted on : Mar 30 - 2019

• For new digital business models to succeed, customers’ privacy preferences need to be secure, and that begins by treating every identity as a new security perimeter.
• Organizations need to recognize that perimeter-based security, which focuses on securing endpoints, firewalls, and networks, provides no protection against identity and credential-based threats. Until they start implementing identity-centric security measures, account compromise attacks will continue to provide a perfect camouflage for data breaches.
• 74% of data breaches start with privileged credential abuse that could have been averted if the organizations had adopted a Privileged Access Management (PAM) strategy, according to a recent Centrify survey.
• Just 48% of organizations have a password vault, and only 21% have multi-factor authentication (MFA) implemented for privileged administrative access.

New digital business models are redefining organizations’ growth trajectories and enabling startups to thrive, all driven by customer trust. Gaining and strengthening customer trust starts with a security strategy that can scale quickly to secure every identity and threat surface a new business model creates. Centrify’s recent survey, Privileged Access Management in the Modern Threatscape, found 74% of data breaches begin with privileged credential abuse. The survey also found that the most important areas of IT infrastructure that new digital business models rely on to succeed — including Big Data repositories, cloud platform access, containers, and DevOps — are among the most vulnerable. The most urgent challenges executives are facing include protecting their business, securing customer data, and finding new ways to add value to their business’ operations.

Why Executives Need to Know About Identity and Access Management Now 

Executives have a strong sense of urgency to improve Identity and Access Management (IAM) today to assure the right individuals access the right resources at the right times and for the right reasons. IAM components like Access Management, Single Sign-On, Customer Identity and Access Management (CIAM), Advanced Authentication, Identity Governance and Administration (IGA), IoT-Driven IAM, and Privileged Access Management address the need to ensure appropriate access to resources across an organization’s entire attack surface and to meet compliance requirements. Considering that privileged access abuse is the leading cause of today’s breaches, they’re especially prioritizing Privileged Account Management as part of their broader cybersecurity strategies to secure the “keys to their kingdom.” Gartner supports this view by placing a high priority on Privileged Account Management, including it in its Gartner Top 10 Security Projects for 2018, and again in 2019.

During a recent conversation with insurance and financial services executives, I learned why Privileged Access Management is such an urgent, high priority today. Privileged access abuse is the leading attack vector, where they see the majority of breach attempts to access the company’s most sensitive systems and data. It’s also where they can improve customer data security while also making employees more productive by giving them access systems and platforms faster. All of them know instances of hackers and state-sponsored hacking groups offering bitcoin payments in exchange for administrative-level logins and passwords to their financial systems. View More