Why does machine identity management matter now more than ever? In fact, what is machine identity management? What does it entail and why should you enterprise concern itself with it?
Experts seem confident in enterprises’ ability to secure the identities of their users. Research indicates that half of enterprises use the Principle of Least Principle to guide their permissions-granting policies. At least 70 percent of businesses express some confidence in repelling an identity-based breach. Most organizations believe themselves capable of protecting their privileged users’ credentials as well.
So it seems that users’ identities don’t pose the same challenge as they once did. Yet over the past two years, 79 percent of business suffered an identity-based breach. Why?
Unfortunately, the discrepancy stems from the persistence of both legacy solutions and legacy solutions. Often, IT decision-makers fail to account for machine identity management in their choices of solutions.
Here’s what that means.
What is Machine Identity Management?
A machine identity can refer to any non-human user in your IT infrastructure. This can include programs, applications, databases, and bots. While humans use usernames and passwords, machines use keys and certificates to request access and verify themselves. Additionally, different certificates and keys bestow the machines a set of permissions.
For example, the SSL/TLS Server Certificates establish trust in public-facing websites and applications. Meanwhile, SSH Keys provide privileged access to sensitive systems.
Unfortunately, it often appears that enterprises don’t know how many keys and certificates exist in their IT environment; this creates a serious visibility issue that can impede cybersecurity. Worse, machine identities typically lack oversight and governance, so it remains unclear who has control over these identities and in what ways.
Of course, machine identities also require protection. Finally, trying to solve many of these problems can take hours of man-hours in manual tasks, a significant drain on resources.
How Hackers Can Subvert Machine Identities
Hackers always look for the low-hanging fruit, the easy attack vector. After all, threat actors are working for a profit, and humans seek out maximum efficiency wherever possible. So if you keep your human identities locked down tight, hackers will gravitate to the identities less protected: the machines.
If hackers get possession of machine identities, they could inflict serious damage. They could exploit the certificates and keys to gain privileged access or create hidden communication channels. Alternatively, they could replicate the machines’ identities and pose as them, allowing them network access without monitoring.
Moreover, machines look poised to explode in the coming years, outpacing human users on business networks. So without machine identity management, your enterprise is at extreme risk.
What’s At Risk And What Can You Do
According to the IBM’s 2020 Cost of a Data Breach Report, on average, organizations’ need 206 days after initial intrusion to identify a data breach. After that, it took an average of 73 days to remediate it. Imagine how much longer a breach might persist if dozens if not hundreds of identities in your network remained outside your visibility or control.
Meanwhile, enterprises that can detect and contain a breach in fewer than 200 days spent and average of $1.23 million less in breach costs.
That’s what at stake for you. Learn more in our Identity Management Buyer’s Guide.
Latest posts by Ben Canner (see all)
- Findings: 2020 Gartner Magic Quadrant for Access Management - November 25, 2020
- What is the Future of Identity? An Interview with Amit Saha of Saviynt - November 24, 2020
- How to Protect a Transformed IT Infrastructure Through Identity Management - November 23, 2020