Machine Identities Not Secure: Report

Tuesday, September 4, 2018 @ 12:09 PM gHale

Ninety-six percent of companies believe that effective protection of machine and human identities are equally important to the long-term security and viability of their companies, a new study found.

Knowing that, however, 80 percent of respondents struggle with the delivery of important machine identity protection capabilities, according to a study conducted by Forrester Consulting for Venafi.

RELATED STORIES
Botnet Report: Multifunctional Malware Growing
Email Impersonation Attacks Skyrocket
Email Impersonation Attacks on Rise
Compliance Violations Witnesses Looking to Leave

The study focused on enterprise machine identity protection challenges and included responses from 350 senior IT security professionals who are responsible for their organizations’ identity and access management from the U.S., UK, Germany, France and Australia.

“It is shocking that so many companies don’t understand the importance of protecting their machine identities,” said Jeff Hudson, chief executive of Venafi in a post. “We spend billions of dollars protecting user names and passwords but almost nothing protecting the keys and certificates that machines use to identify and authenticate themselves. The number of machines on enterprise networks is skyrocketing and most organizations haven’t invested in the intelligence or automation necessary to protect these critical security assets. The bad guys know this, and they are targeting them because they are incredibly valuable assets across a wide range of cyber-attacks.”

In addition, 47 percent of respondents think protecting machine identities and human identities will be equally important to their organizations over the next 12 to 24 months, while 43 percent feel machine identity protection will be more important.

Seventy percent admit they are tracking fewer than half of the most common types of machine identities found on their networks.

When asked which specific machine identities they track:
• 56 percent said cloud platform instance machine identities
• 49 percent said mobile device machine identities
• 49 percent said physical server machine identities
• 29 percent said SSH keys
• 25 percent said machine identities of microservices and containers

In addition, 61 percent of respondents said their biggest concern regarding poor machine identity protection management is internal data theft or loss.

Click here to register to download the study.



Leave a Reply

You must be logged in to post a comment.