301.519.9237 exdirector@nesaus.org

11.27.24 – Security Info Watch – Jerry Chapman

It’s a Sunday morning, and your work phone is ringing off the hook. Questions start running through your head: Why is your director of IT security calling you? Immediately, you know this is not a good thing. And it isn’t.

You soon discover your business was victimized by its identity sprawl. Unfortunately, this scenario is a reality for many organizations. Identity Defined Security Alliance (IDSA) found that 90 percent of organizations experienced an identity incident this past year, and 93 percent of these stakeholders reported that a stronger emphasis on security outcomes could have lessened the impact of these incidents. These incidents range from one compromised password to full-blown ransomware attacks that can bring an organization to its knees due to identity sprawl.

The Rise of Identity Sprawl

Identity sprawl is on the rise, and so are cybersecurity concerns. In 2022, 84 percent of organizations reported an identity-related breach, with 67% experiencing one in the past year. As mentioned, that percentage has hit 90 in just a year, and businesses aren’t the only victims. In 2023, 68% reported direct business impacts on stakeholders from sprawl. Today, that number has reached well over 80 percent. So what exactly is identity sprawl, and how can organizations slow the blight?

Identity sprawl is a security risk that can disguise itself behind productivity and innovation. It refers to the growth in attack surface due to the growing number of separate accounts users create to access the needed online services. As apps, systems, and databases compound to help an organization operate faster and more effectively, users are more likely to bypass credential-handling processes and requirements. The number of accounts increases to meet the company’s growth, opening it up for endpoint security risks. This risk is then compounded by the increased number of devices, browsers, and operating systems used day-to-day. Once identities begin sprawling, moving back to a secure, unified approach becomes more costly and time-consuming. With this security risk, there’s often no visibility into who has access to what and what they choose to do with it.

Key Drivers to Identity Sprawl

Many factors have contributed to the massive uptick in identity sprawl incidents over the past few years. To list a few:

  • The Shift to Hybrid and Remote Work: The rapid disappearance of the traditional brick-and-mortar office and centralized infrastructure has encouraged a larger attack surface with more identities created under varying browsers, devices, and operating systems. These are often unassociated with approved business security protocols. This issue will persist as dispersed organizations are here to stay, and employees will continue to work from home and other remote locations.
  • Increased Reliance on External Parties: As a byproduct of accommodating remote access and non-traditional work environments, businesses have a new reliance on contractors and external partners to scale and expand value. Remote work at scale, with the push for productivity, has accelerated the adoption of new platforms and technologies, often bypassing previous security protocols.
  • The Rise of the Cloud: Cloud-first computing and cloud service distribution to different physical locations have made hybrid and remote work possible. However, if it isn’t secured or employees aren’t following security best practices for accessing and sharing information on the cloud, it can become a security risk.
  • Efficiency over Security: The constant desire to optimize efficiency, accessibility, and cost savings has promoted looser security checks, putting businesses at risk.
  • Increased IT Complexity: The world around us is constantly changing, and so are privacy regulations. The required adoption of privacy regulations, such as GDPR, HIPAA, and CCPA, and data-sharing processes to maintain privacy or security have led to increased IT complexity, contributing to another host of issues.
  • Automation Robotic Process Automation (RPA): RPA is used to streamline formerly manual and time-consuming processes. While beneficial, its increased use has led to more identities linked to robotic automation.

The game has changed. Previously, businesses were primarily concerned with their office-bound, internal employees hired to do a single job, accessing resources from a single point. Today, enterprises manage onsite and remote internal employees and the identities of external parties. Our working environment has shifted. Employees are now changing roles and working environments, often accessing resources from multiple points. Security teams must now consider users, applications, machines, and how each interacts with multiple identities across various accounts and sources. Today, the average large enterprise utilizes 25 systems to manage access rights and slow the sprawl.

While all the above trends bring opportunities for efficiency, cybersecurity resilience, and a better digital employee experience, each creates new challenges and an explosion of identities to manage.

A Holistic Approach

Identity sprawl is inherently dynamic, adapting to user needs and connected resources. To control it while maintaining efficiency requires a shift from siloed solutions to a unified, holistic, identity-secure approach.

Many organizations manage critical aspects of identity security, such as Identity Governance and Administration (IGA), Access Management (AM), Privileged Access Management (PAM), and Active Directory Management and Security (ADMS), in separate systems. This fragmented approach creates silos where people, applications, and data are managed in isolation, increasing friction, slowing automation, and complicating access management.

A modern, integrated approach breaks down these silos, aligning people, applications, and data into a cohesive framework. In security management, unification streamlines processes, correlates identities, reduces the attack surface, and strengthens cybersecurity resilience. This approach is catching on. Companies are shifting their mindset, vying for provider partnerships for protection. An example is the partnership with Verinext and identity partners to drive an “Identity-Led Security” approach with the integration of technologies to support each of the pillars of Identity and Access Management. Ultimately, a programmatic approach Verinext is driving supports our clients with all aspects of identity, including PAM, IGA, ADMS, and AM.

Identity sprawl has become a significant security risk for modern businesses, driven by remote work, third-party reliance, and cloud adoption. While this issue won’t disappear overnight, moving away from the fragmented approach to identity management and embracing a unified, integrated strategy that aligns people, applications, and data into a cohesive system will help companies regain control. This shift is essential to regaining control over identity sprawl and safeguarding against companies for whatever comes next.

About the Author

Jerry Chapman

Jerry Chapman is the Director of Identity Services and Solutions at Verinext, a solution provider that delivers transformative business outcomes for everything that comes next. He is an expert in identity services and solutions, leveraging his deep expertise in network security, federation, and information security.