Free Newsletter
Register for our Free Newsletters
Access Control
Deutsche Zone (German Zone)
Education, Training and Professional Services
Government Programmes
Guarding, Equipment and Enforcement
Industrial Computing Security
IT Security
Physical Security
View All
Other Carouselweb publications
Carousel Web
Defense File
New Materials
Pro Health Zone
Pro Manufacturing Zone
Pro Security Zone
Web Lec
ProSecurityZone Sponsor
ProSecurityZone Sponsor
ProSecurityZone Sponsor
ProSecurityZone Sponsor
ProSecurityZone Sponsor
ProSecurityZone Sponsor

Access Governance Trend Survey Results

Aveksa : 20 April, 2010  (Technical Article)
Aveksa has published the results of a survey carried out in conjunction with the Ponemon Institute on user access trends and the effects on cloud computing
Privacy and information management research firm the Ponemon Institute and Aveksa have announced the results of the 2010 Access Governance Trends Survey. Findings gathered from the survey of 728 experienced IT practitioners at multinational corporations and government organisations show that ineffective access governance processes expose enterprises to serious noncompliance and business risks. When compared to Ponemon Institute's first access governance study, published in 2008, respondents report even greater difficulty with key access governance issues, such as poor management of access rights and trouble keeping pace with access changes.

The 2010 Access Governance Trends Survey tracks the perspectives of IT security and compliance practitioners on access governance, measuring how well organisations control user access and prevent misuse that could negatively impact their business. Survey results indicate that many organisations face significant information security risks because of a lack of resources, budget and IT staff -- heightened by ad hoc or inconsistent approaches to access management activities across the enterprise. According to 2010 results, Cloud Computing has emerged as a key factor affecting organisations, access governance processes, with respondents reporting that its adoption enables business and end users to circumvent existing access governance processes.

Key findings of the 2010 Access Governance Trends Survey include:

* User access rights continue to be poorly managed,¯Eighty-seven percent of respondents believe that individuals have too much access to information resources that are not pertinent to their job description, up nine percent from the 2008 study.

* Organizations are not able to keep pace with changes to users job responsibilities and they face serious noncompliance and business risk as a result,¯Nearly three out of four organizations (72 percent) said they cannot quickly respond to changes in employee access requirements; and more than half (52 percent) reported that they are unable keep pace with the number of access change requests that come in on a regular basis.

* Policies are not regularly checked and enforced,¯Fifty-nine percent of organizations do not have or do not strictly enforce access governance policies, and 61 percent do not immediately check user access requests against security policies before the access is approved and assigned.

* Organizations lack budget, resources and staff for effective access governance,¯Nearly two-thirds (65 percent) of respondents said that a lack of IT staff was a key problem in enforcing access compliance policies. Fifty-seven percent of organisations reported that they don't have enough technologies to manage and govern end-user access to information resources. Further, with organizations struggling to contain costs in a recessionary climate, 63 percent say they do not have enough resources to do so.

* Cloud Computing is expected to impact access governance processes, Nearly three out of four (73 percent) respondents said that adoption of cloud-based applications will have a very significant or significant impact on users, ability to circumvent existing access policies.

“Our study confirms that IT staffs are not only unable to keep up with a rising flood of constantly changing user access requirements and regulations, they are falling behind, said Larry Ponemon, chairman and founder, Ponemon Institute. “With so few people tasked with governing access across so many information resources, requests and control requirements, these companies are at risk of inappropriate access and misuse. The vast majority of these organization report that they are subject to access-related regulations or industry mandates, so this lack of access governance could significantly jeopardise their ability to maintain compliance and mitigate key risks.¯

“The current global economic climate has increased the pace of access change at many organizations, while also forcing IT staffs to try to do more with less. Businesses are no longer able to throw bodies at the problem with the hopes of addressing their access governance issues, said Deepak Taneja, founder, president and CTO of Aveksa. “Sustainable compliance can only be achieved by deploying automated access management processes with embedded governance. Through this approach, companies can more easily meet their access governance objectives while increasing operational efficiency.
Bookmark and Share
Home I Editor's Blog I News by Zone I News by Date I News by Category I Special Reports I Directory I Events I Advertise I Submit Your News I About Us I Guides
   Ā© 2012
Netgains Logo