Access Management Trends

Spearheaded by the reality of data breaches, as well as the adoption of cloud and social identities in the enterprise, the new IT perimeter has decision makers recalculating their IT management route. Inspired by consumer-grade convenience that meshes single sign-on with risk-based polices, access management practices are evolving to bridge the nexus of cloud, mobile and social.


More than half of those surveyed state that unprotected infrastructure is one of the biggest targets for cyber-attacks

  • Around half say the same when it comes to web portals (50%) and/or cloud applications (49%)
  • This pattern largely remains the same as in 2017, although web portals was the most likely (47%) reported target at that time
  • As targets are still comparable, it suggests that organizations could still be getting to grips with how they can best protect the areas which are most likely to be a target.

Showing Global Results


Over six in ten say that the increasing volume of cloud applications in use makes them a target for cyber-attacks when asked to respondents who feel that cloud applications are a target for cyber-attacks.

  • There was a greater proportion (71%) of respondents who said that this was the case in 2017, which could suggest that the speed organizations are adopting cloud applications has plateaued or slowed slightly.

Showing Global Results


Over half of respondents say that they would allow employees in their organization to log on to corporate resources using their social media credentials even with recent security breaches in mind

  • However, this is a positive step from the 2017 data, where 66% stated that they would allow this.
  • This suggests that there is a greater awareness of the vulnerability that this may cause, with more and more organizations being caught out by weaknesses in their security and authentication methods.

Showing Global Results


Over nine in ten of those surveyed cite that their organization’s security policies around access management have been influenced by breaches of consumer services in the last 12 months – this is even higher than in 2017 (90%) and 2016 (89%)

  • Staff being trained on security and access management (52%), increasing spend on access management (45%) and it becoming a board priority (44%) are the most likely changes.
  • Secure access management being a board priority has increased from 2017 (38%) and 2016 (34%), which shows that access management is an area that is starting to gain traction with senior decision makers.

Showing Global Results


Respondents’ organizations are most likely to have adopted an on-premise IAM solution, with a smaller proportion having adopted IDaaS (58%), Cloud SSO (54%) and/or smart single sign-on (46%)

  • This shows an increase on the adoption of 2017 (47%, 35% and 42% respectively) and 2016 (38%, 36% and 39% respectively), which could be due to the increasing priority that this area is being shown by the board.

Showing Global Results


When it comes to drivers for implementing an access management solution, respondents are most likely to say that the threat of large scale breaches (24%) or simplified cloud access for end users (18%) are the most significant considerations

  • Almost eight in ten report that the threat of large scale breaches (78%) and/or security concerns (77%) are one of the main or the most significant consideration, which highlights security as being a key issue within organizations and suggests that its core functionality could be more important to organizations than its ability to support other areas of the business.

Showing Global Results


Almost all respondents say that controlling who has access to specific types of data can contribute toward their organization's ability to comply with data protection regulations and pass security audits.

  • Slightly more than two in three (68%) go as far as to say that this is definitely the case, which is a much bigger proportion than in previous years (54%, 56% and 48% respectively)
  • The increase in this level of thinking could also be a factor as to why there has been a rise in access management capabilities in use – particularly with regulations becoming ever more strenuous, or new regulations being put in place altogether (such as GDPR)

Showing Global Results


The CIO/Head of IT is the most likely final decision maker in respondents’ organizations when it comes to selecting an access management solution; more than nine in ten (95%) say that they are involved to some extent

  • This has been the case since 2015 (47%, 53% and 54% respectively), indicating that the primary decision has and will continue to sit in the IT department – perhaps as these decision makers are closer to the security issues within organizations.

Showing Global Results


Just over one in three respondents say that it was difficult to sell the need for IT security to the board a year ago.

  • However, it is only 20% who say that this is currently the case; in fact, it is over half (56%) who now say that it is easy.
  • This change in thinking reflects the increase in access management capabilities that are being adopted and the security concerns that are driving this adoption. Cyber threats are likely to continue and even increase in the future, so decision makers will need to keep liaising closely with the board.

Showing Global Results

Find out how Global data compares to your region by clicking the button below