Unify, Verify, Adapt: How CISOs Can Reduce the Risk of Identity Sprawl

The traditional model of protecting your IT environment using perimeter security is being eroded, in favor of an identity-centric approach. While you’re probably aware of this trend, you might not quite realize what a significant shift this is.

Identity is emerging as the new edge. If you’re a CISO we predict that identity security will be your main focus over the coming years - if it’s not already. In this article, we explore the reasons for this shift, the challenges ahead and the solution that’s stepping into the brink.

Find out what other IT security professionals say about challenges they face managing identity security, download our report Identities and Security in 2021: A Global Survey of Identity and Security Stakeholders here.

The shift to identity-centricity

The traditional office and IT infrastructure are disappearing. Cloud-first computing has accelerated as organizations optimize for efficiency, accessibility and cost savings.

SaaS applications are virtually everywhere, creating both opportunities and challenges for IT security professionals.

This acceleration has gone into top gear over the last two years when remote working became a reality for many organizations.

Today, we have hyper-dispersed organizations with IT environments that consist of multiple physical sites, virtual machines, public and private clouds and a myriad of cloud platforms and operating systems.

While next generation firewalls and other perimeter defenses are still important for protecting your network from some threats, the old infrastructure-centric model to protect everything inside the perimeter is no longer valid.

One common factor across all these different environments is identity. Everything needs an identity and security professionals are increasingly recognizing that protecting identities is a critical element of protecting the organization as a whole.

The danger of identity sprawl

A hyper-dispersed organization and the disappearance of traditional IT infrastructure creates another challenge: identity sprawl.

When you have potentially millions of users (both internal and external) and customers, more machines than humans and ever-expanding accounts as organizations move to multi-generational, hybrid and edge, it’s a recipe for identity sprawl.

Not so long ago employees were hired to do one job, located in one office, with a single point of access to the corporate network. Today it’s a different story.

CISOs don’t only have to worry about internal employees - they may also have to manage the identities of customers, contractors, suppliers and partners. There’s also more movement within the organization with employees changing roles and requiring access to different resources.

Employees are no longer office bound, sat in front of one desktop computer. Now they may have multiple devices, corporate and BYOD, and could be accessing the network from the office, their home, a customer’s site or simply ‘anywhere’.

It’s also no longer just about access to servers and where the critical data is – it's access to interfaces and consoles. Applications and machines have identities too. The adoption of new technologies like AI and RPA creates even more identities for you to manage.

Poor visibility increases risk

How are security teams managing the rapid growth in identities? In many cases, identity sprawl is going largely unchecked. Instead, security teams are throwing different tools at the problem, creating a siloed and fragmented security environment.

In a survey by Dimensional Research for One Identity, 51% of IT security professionals surveyed said they use more than 25 different systems for identity management, while 21% said they had more than 100 different systems in use.

Poor visibility makes it harder to manage identities and causes gaps, inconsistencies and even more risk.

Any identity can be compromised, but multiple identities are an even greater security risk.

Users don’t like managing multiple credentials so may be tempted to recycle usernames and passwords across different services, creating vulnerabilities. Stolen credentials are used by cybercriminals in credential-stuffing attacks and in ransomware attacks, as we saw in the Colonial Pipeline and JBS attacks. In both these cases, attackers were able to access the corporate networks with a compromised password or stolen credentials.

Closing the cybersecurity gap

With hyper-dispersed organizations and multiple identities, bad actors take advantage and are attacking identity at scale.

Verizon’s 2022 Data Breach Investigations Report (DBIR) provides some salient stats:

• 80% of data breaches are caused by external actors
• 82% of breaches involved the human element, such as the use of stolen credentials, phishing, misuse or simply an error
• 25% of breaches involved ransomware, up 13% from the previous year

Most IT security professionals accept that compromise is inevitable, so what can you do about it?

5 principles to close the cybersecurity gap

In order to close this gap, organizations are quickly moving from a fragmented state to a unified approach for managing identity security.

There are five key things to prioritize to make this shift:

1. Holistic correlation: End-to-end unification of all your identities and all your accounts
2. Automated orchestration: A modern process, with frictionless governance, across identity and privilege
3. Robust analytics ecosystem: Deep insights to help you anticipate, detect and take corrective actions on emerging threats to the organization.
4. Adaptive resilience: Being able to quickly pivot to changes in user roles/responsibilities, IT infrastructure and new and developing threats.
5. Continuous verification: Verify everything before you grant access, and on an ongoing basis. This will help you more efficiently move to a zero trust model.

Convergence is the solution

When the board asks you “who has access to what?”, wouldn’t you like to answer with confidence and reassure them that no one has more privileged access than their job requires? When they ask whether your identity security practices meet Zero Trust mandates or what your ransomware risk level is, wouldn’t it be great to have closed the cybersecurity gap and know you’re proactively managing identity sprawl?

To get this level of visibility, manage risk and overcome the challenges of fragmented and siloed identity security solutions, you need to embrace an identity-centric approach.

A unified identity security solution puts identity at the center and aligns people, applications and data as one. This allows you to verify everything.

It strengthens privilege instead of endpoints, ensures all identities are correlated and visible and removes friction with better integration. It also empowers security teams so they can manage identity consistently and quickly add, remove and adjust privilege just in time.

This is the unified identity security strategy that many organizations are adopting. Is it time for you to adopt it too?

To learn how you can control identity sprawl and close your cybersecurity gap with unified identity security, watch our video here.