stop the breach: reduce the likelihood of an attack through an iam maturity model
TRANSCRIPT
STOP THE BREACH: Reduce the likelihood of an attack through an IAM maturity model
Findings from a commissioned study by Forrester Consulting on behalf of Centrify
ORGANIZATIONS ARE BREACHED AT AN ALARMING RATETraditional security measures fail to safeguard against breaches. In order to avoid financial and reputational ruin, organizations must rethink their approaches to security.
of organizations have fallen victim to a data breach an average of 5 or more times within the past two years
1B
66%
Hackers compromised more than 1 billion identities in 2016 alone*
*Lessons Learned From The World’s Biggest Data Breaches and Privacy Abuses, 2016, Forrester Research, Inc., January 9, 2017
MATURE IAM SLASHES RISK OF BREACHES BY OVER 50%Deploying the right Identity and Access Management (IAM) technology can help your business bolster security.
Organizations that develop approaches that closely scrutinize and secure both regular and privileged access are more likely to say they have never been breached than those who adopt fewer IAM best practices.
Do you perform these 15 best practices?
1. Enforce context-aware Multi-factor Authentication (MFA)
2. Consolidate identity stores into a single directory
3. Implement single sign-on
4. Conduct periodic access review for administrative and privileged users
5. Limit access for remote administrators, contractors, and outsourced parties to just the apps and systems they immediately require
6. Govern access through time-bound and temporary privileged access
7. Automate role-based provisioning to apps and infrastructure
8. Automate mobile application provisioning and deprovisioning
ASSESS YOUR IAM MATURITY
9. Automatically deprovision privileged users’ access as they terminate
10. Implement least-privilege access for administrators
11. Centrally control access to shared and service accounts
12. Eliminate the use of shared administrative accounts
13. Manage privilege elevation at the granular command or app level
14. Actively monitor privileged sessions and/or commands
15. Record all privileged sessions and/or commands
ASSESS YOUR IAM MATURITY
2x the number of breaches: Businesses with lowest IAM maturity experienced more than 2x the breaches than those with highest IAM maturity (12.5 vs 5.7).
IAM Maturity—
LEVEL ONE2/15Average number of IAM
best practices employed:
MATURITY TIP: Improve IAM maturity by moving towards centralized identity and access controls.
5%14%
of organizations in this category record all privileged sessions and/or commands
limit access for third-party vendors
IAM Maturity—
LEVEL TWOAverage number of IAM best practices employed:
71% likely to experience a breach:Seventy-one percent of Level 3 firms, on average, are likely to experience a security breach across six key areas, compared with 49% of Level 4 firms.
4/15
MATURITY TIP: Improve IAM maturity by implementing Multi-factor Authentication (MFA) across your network.
27%23%
of Level 2 businesses centrally control access to shared and service accounts
actively monitor privileged sessions and/or commands
IAM Maturity—
LEVEL THREEAverage number of IAM best practices employed: 5/15
53%45%
of these organizations record all privileged sessions and/or commands
manage privilege elevation at the granular command or app level
MATURITY TIP: Move up the maturity ladder by implementing privileged identity management approaches.
45% deliver products and services faster:Fourty-five percent of Level 3 organizations experienced improved time to market for new products and services vs. only 21% of those in Level 1.
IAM Maturity—
LEVEL FOURAverage number of IAM best practices employed: 8/15
MATURITY TIP: Consider moving to an integrated platform (mature firms are most likely to use integrated platform and least likely to use point solutions and spend 40% less on IAM in the process.)
50% fewer breaches and $5M in cost savings compared to level one firms:More than half of Level 4 organizations reduced findings from compliance audits and improved
69%57%
of Level 4 businesses centrally control access to shared and service accounts
enforce context-aware MFA
Mature IAM reduces the risk of breaches by
50%
INCLUDING:
› Reduced likelihood of breaches
› Lower technology costs
› Improved productivity and efficiency
2-3x Being IAM Mature delivers 2-3x the benefits
40%
Level 1 organizations end up paying almost 40%
more for technology as a percentage of IAM budget
27%
On average, the least mature spent 27% of their
IT budgets on actual IAM technology, compared
to only 19% of the most mature.
46% Mature IAM promotes 46% more
productivity and efficiency
HOW MATURE IS YOUR IAM TECHNOLOGY?Download Stop The Breach: Reduce The Likelihood of an Attack Through an IAM Maturity Model — a commissioned study conducted by Forrester Consulting on behalf of Centrify on February 2017 — to learn more about the security and business benefits of IAM maturity.
Centrify is the leader in securing enterprise identities against cyberthreats that target today’s hybrid IT
environment of cloud, mobile and on-premises. The Centrify Identity Platform protects against the leading
point of attack used in data breaches―compromised credentials—by securing an enterprise’s internal and
external users as well as its privileged accounts. Centrify delivers stronger security, continuous compliance
and enhanced user productivity through single sign-on, multi-factor authentication, mobile and Mac
management, privileged access security and session monitoring. Centrify is trusted by over 5000
customers, including more than half of the Fortune 500.
Visit us at Centrify.com.