IT is just throwing digital ID security money at gaps, hoping for the best
Research published by an ID management software vendor finds that 70 percent of companies surveyed pay for management tools they were not using when asked.
One Identity paid contract research firm Dimensional Research to gauge how well companies in multiple countries were using ID and access management software. The resulting report describes firms hobbled by “misguided enterprise investment in fragmented identity tools.”
Dimension surveyed 1,000 security professionals to learn that the way tools are being used – or not, in some cases – has rendered some companies “insufficient” in their efforts to protect identity data.
Effectively all companies contacted told survey takers that they have deployed more than one ID management tool. Forty-one percent of companies are using 25 or more disparate tools. One Identity‘s target market is loosely run IT departments with heterogenous digital ID infrastructure.
Perhaps the most surprising result from the marketing report is that 70 percent of responding companies said they are paying tools that they are “not actively using.” At the same time, 90 percent of respondents reported suffering a digital ID attack in the previous 12 months.
Even if all are being used, the kind of depth of experience organizations need to use all of the tools properly likely is hard to find. Even standardized, off-the-shelf internet routers are sometimes operationally differentiated.
It is hard to find a return on investment in that kind of situation that makes the chief information officer look competent. Survey takers found that 42 percent of companies said these inefficiencies cost the bottom line $100,000, a number that likely is lower than reality.
According to Dimension, 1,007 qualified individuals completed a survey, and all had direct responsibility for security and IAM. Industries, nations and company sizes were not described further.