- Action required to educate and equip IT Directors
- 76% of UK businesses claim identity and access management (IAM) is a priority, yet only 8% can define it
London— Barriers at board level are proving to be the biggest obstacles to the adoption of identity and access management, according to research launched today by RSA Security. A third of IT Directors declared cost and lack of funding, whilst 27% stated buy-in from senior management as the main obstructions to implementing identity and access management. This is despite the fact that 52% of IT Directors believe it would save the company money once implemented.
IT Directors are also confused about the framework of identity and access management. Whilst 76% of IT Directors view identity and access management as a high priority for their organisation, only 8% of respondents were able to define the concept. This lack of understanding is demonstrated with one in five IT Directors never having heard of ‘Provisioning’ or ‘Federated Identity Management’ – two key elements in achieving a complete identity and access management solution.
For 83% of IT Directors, increased data security was viewed as a key driver for deploying an identity and access management solution, with 74% also stating achieving regulatory compliance as an important factor. Although the majority of respondents viewed identity and access management as a way of securing the business, there is also evidence to suggest it is increasingly being seen as a business enabler. Over half of IT Directors interviewed cited lowering administration and IT costs, increasing productivity and gaining competitive advantage as other benefits of implementing an identity and access management solution.
Tim Pickard, area VP international marketing, RSA Security said: “Many UK industries are undergoing fundamental changes to the way they do business, and for them a network–driven environment no longer reflects how the structure of their business is evolving. The identity of individuals will become key. However, it is clear that IT vendors must do more to help businesses understand the competitive advantages that identity and access management can deliver. RSA Security will be leading the drive to assist IT managers to educate their board directors about the return on investment opportunities of this business enabling approach.”
The lack of understanding and confusion about the business benefits is further compounded by the fact that companies tend to buy products on a tactical basis, rather than as part of a coherent strategy. 48% of respondents cited s ingle sign-on as the most fully implemented element, with directory management second, web services third and strong authentication fourth. However, the confusion that appears when asked to describe identity and access management and the specific elements of the solutions, suggests IT Directors are not purchasing these as part of an overall identity management strategy.
However, 50% or more of IT Directors recognised identity theft, poor internal IT security practices, lost and stolen passwords and unauthorised access to data as the security issues of concern. Each of these potential threats can be addressed from a cohesive identity management strategy.
Pickard continued: “This survey clearly highlights that understanding of identity and access management is patchy at best. Whilst it is encouraging to see that it is increasingly being seen as a business enabler, the fact that components of an identity and access management solution are often deployed in isolation without consideration for the bigger picture is a concern. Identity and access management solution providers take note – businesses need to be educated and consulted for this proposition to reach its full potential.”
For an Executive Summary of the research please contact: Victoria Henry / Harry Ronaldson, Kaizo 020 7580 8852
