Venafi Study: Financial Services IT Pros Overconfident in Machine Identity Protection

 Venafi Study: Financial Services IT Pros Overconfident in Machine Identity Protection
04.12.2018 11:53 am

Venafi Study: Financial Services IT Pros Overconfident in Machine Identity Protection

Security

Venafi®, the leading provider of machine identity protection, today announced the results of a June 2018 commissioned study titled Securing The Enterprise With Machine Identity Protection. Conducted by Forrester Consulting on behalf of Venafi, the study examined the views of 116 IT security professionals from financial services and insurance organizations in the U.S., U.K., Germany, France and Australia.

A key finding from the Venafi study reveals that eighty percent of financial services respondents who are responsible for identity and access management (IAM) believe automated communications between machines on their organizations’ networks are mostly or completely secure. Seventy-one percent of respondents believe effective protection of machine identities is critical to the long-term security and viability of their companies. However, on average, financial services organizations are only tracking forty-three percent of the most common types of machine identities. 

The study assessed the number of respondents who follow the progress of specific machine identities and found the following:

  • Only fifty-six percent track cloud platform instance machine identities.
  • Just fifty-five percent track physical server machine identities.
  • Less than half (forty-eight percent) track mobile device machine identities.
  • Roughly a third (thirty-four percent) track the machine identities of SSH keys.
  • Only twenty-eight percent track the machine identities of containers.
  • Just twenty-six percent track the machine identities of microservices.

“Financial services organizations have more work to do in order to make sure their machine identities are protected, and  we know these issues are not unique to a specific industry,” said Jeff Hudson, CEO of Venafi. “Despite the importance of machine identities, most organizations are overwhelmed by the sheer number of them on their networks, and they don’t have the visibility, intelligence or automation necessary to take the necessary steps to close the gaping hole in security.” 

Additional findings from the study include:

  • Forty-one percent say the lack of system administrator focus on machine identity use and protection is a major machine identity protection challenge, and forty-one percent say a major challenge is the lack of automated processes to inventory machine identities.
  • Sixty percent of financial services firms are concerned about internal data theft or loss as a consequence of weak machine identity protection. In addition, fifty-eight percent are concerned about customer data theft or loss.
  • Forty-five percent believe machine identity protection will be a higher priority than human identity protection within the next two years.

Managing user and machine identities, as well as privileged access to business data and applications, is an enormous undertaking that has serious security ramifications. Traditionally, the focus for IAM programs has been people-centric. However, with the recent increase in the number of machines on enterprise networks, shifts in technology, and the latest computing capabilities, a new set of challenges has emerged, requiring an increased focus on the protection of machine identities.

From Securing The Enterprise With Machine Identity Protection, Forrester Consulting, June 2018: “Newer technologies, such as cloud and containerization, have expanded the definition of machine to include a wide range of software that emulates physical machines. Furthermore, these technologies are spawning a tidal wave of new, rapidly changing machines on enterprise networks. To effectively manage and protect machine identities, organizations need: complete visibility of all machine identities across their networks; actionable intelligence about each machine identity; and the capabilities to effectively put that intelligence into action at machine speed and at scale.” 

 

Related News

Cog Systems Joins GSA IoT Security Working Group

 Cog, maker of... Read more »

FIME boosts payment strategy on security and consulting with key hires

As part of the ongoing expansion of its banking and payments security and consultancy offering, ... Read more »

Communications Specialist Becomes First Firm to Use Brand New Fraud Protection Technology

Core Retail, the leading supplier of pre-paid SIMs and mobile accessories, has become the first organisation to deploy a brand-new payments tool that automatically flags and... Read more »

Gemalto to produce secure and innovative healthcare cards for Quebec

Gemalto (Euronext NL0000400653 - GTO), the world leader in digital security, and the Société de l'assurance automobile du Québec (SAAQ) have been chosen to produce secure and... Read more »

RADWARE REPORT SHOWS AVERAGE COST OF CYBERATTACK NOW EXCEEDS $1.6 MILLION

Radware® (NASDAQ: RDWR), a leading provider of cybersecurity and application delivery solutions, today announced it has... Read more »

AxiomSL Appoints David Weber as Chief Operating Officer and Chief Financial Officer in Response to Rapid Global Growth

AxiomSL, the leading global provider of regulatory-reporting, risk and data-management solutions, today announced the appointment of David Weber as Chief Operating Officer and... Read more »

Magazine
ALL
Free Newsletter Sign-up
+44 (0) 208 819 32 53 +44 (0) 173 261 71 47
Download Our Mobile App