Stop the Breach: Reduce the likelihood of an attack through an IAM maturity model. 1. STOP THE BREACH: Reduce the likelihood of an attack through an IAM maturity model Findings from a commissioned study by Forrester Consulting on behalf of Centrify. ORGANIZATIONS ARE BREACHED AT AN ALARMING RATE Traditional security measures fail to safeguard against breaches.
In order to avoid financial and reputational ruin, organizations must rethink their approaches to security. Of organizations have fallen victim to a data breach an average of 5 or more times within the past two years 1B 66% Hackers compromised more than 1 billion identities in 2016 alone.Lessons Learned From The World’s Biggest Data Breaches and Privacy Abuses, 2016, Forrester Research, Inc., January 9, 2017. MATURE IAM SLASHES RISK OF BREACHES BY OVER 50% Deploying the right Identity and Access Management (IAM) technology can help your business bolster security. Organizations that develop approaches that closely scrutinize and secure both regular and privileged access are more likely to say they have never been breached than those who adopt fewer IAM best practices.
Do you perform these 15 best practices? Enforce context-aware Multi-factor Authentication (MFA) 2. Consolidate identity stores into a single directory 3. Implement single sign-on 4. Conduct periodic access review for administrative and privileged users 5. Limit access for remote administrators, contractors, and outsourced parties to just the apps and systems they immediately require 6. Govern access through time-bound and temporary privileged access 7.
Automate role-based provisioning to apps and infrastructure 8. Automate mobile application provisioning and deprovisioning ASSESS YOUR IAM MATURITY. 9.
Automatically deprovision privileged users’ access as they terminate 10. Implement least-privilege access for administrators 11. Centrally control access to shared and service accounts 12. Eliminate the use of shared administrative accounts 13. Manage privilege elevation at the granular command or app level 14.
Actively monitor privileged sessions and/or commands 15. Record all privileged sessions and/or commands ASSESS YOUR IAM MATURITY. 2x the number of breaches: Businesses with lowest IAM maturity experienced more than 2x the breaches than those with highest IAM maturity (12.5 vs 5.7). IAM Maturity— LEVEL ONE 2/15Average number of IAM best practices employed: MATURITY TIP: Improve IAM maturity by moving towards centralized identity and access controls. 5% 14% of organizations in this category record all privileged sessions and/or commands limit access for third-party vendors. IAM Maturity— LEVEL TWO Average number of IAM best practices employed: 71% likely to experience a breach: Seventy-one percent of Level 3 firms, on average, are likely to experience a security breach across six key areas, compared with 49% of Level 4 firms.
4/15 MATURITY TIP: Improve IAM maturity by implementing Multi-factor Authentication (MFA) across your network. 27% 23% of Level 2 businesses centrally control access to shared and service accounts actively monitor privileged sessions and/or commands. IAM Maturity— LEVEL THREE Average number of IAM best practices employed: 5/15 53% 45% of these organizations record all privileged sessions and/or commands manage privilege elevation at the granular command or app level MATURITY TIP: Move up the maturity ladder by implementing privileged identity management approaches. 45% deliver products and services faster: Fourty-five percent of Level 3 organizations experienced improved time to market for new products and services vs. Only 21% of those in Level 1.