BeyondTrust has announced the release of a new global survey, “Identity Issues Impact Zero Trust Effectiveness.” The survey’s research focused on understanding current identity and zero trust trends, adoption rates, incidents, solutions, challenges, and new areas of focus. The research also investigated the integration requirements and techniques for zero trust solutions and how they interact with other key business applications and systems.
The report reviewed key findings from a research survey interviewing more than 300 participants across five continents and included security teams, IT professionals, and executives.
“Today’s business operating models are highly complex, with remote employees accessing critical systems using dozens, and even hundreds of applications,” said Morey Haber, Chief Security Officer at BeyondTrust. “Data is transmitted between clouds and corporate data centers, with third-party contractors and supply chain partners, suppliers, and shippers directly connecting to these corporate systems. Legacy security architectures and network defenses are less effective at managing this extended perimeter. Zero trust principles and architectures are being adopted by public and private sectors because they have become one of the most effective approaches to mitigating the heightened risks to highly sensitive identities, assets, and resources.”
Integration complexity is a key issue for zero trust deployment
The research found that almost all respondents had an identity-related incident in the last eighteen months, with 81% indicating two or more incidents. A significant number of these incidents were related to privileged accounts. Over 70% of companies are still in the process of implementing a zero trust approach needed to secure an expanding security perimeter due to increased cloud utilisation and remote workers.
Nearly all companies indicated they were using multiple vendors and solutions for their zero trust strategy, with most using four or more solutions. Of the companies interviewed, 70% rely on custom coding for integration, often provided by costly third-party services. Eighty-four percent needed several different integration approaches for their zero trust defense, complicating the deployment process.
Integration has become a critical issue for many companies, as over 70% of those surveyed removed a security solution simply because it didn’t integrate effectively. Those surveyed reported that gaps in their zero trust approach resulted in slower issue resolution, poorer user experiences, incorrect access privileges, manual intervention, compliance issues, and more.
Essentially every company indicated a zero trust approach needs to integrate with numerous other business and collaboration applications to ease the burden of integration processes. Integration challenges have led the majority to make native integration a key selection criterion for zero trust solutions.
Better integration not only saves resources, but time as well, with more than 9 out of 10 companies indicating an integrated ecosystem creates a faster response to security issues and improved compliance.
Survey details key issues impacting companies
- 93% report identity issues stemming from integration problems
- 81% report 2 or more identity issues over the last 18 months
- 63% report identity issues were directly related to privileged users and credentials, and 5% aren’t sure
Zero Trust-Related Findings
- 76% of organisations are still in the process of implementing a zero trust approach to secure their environment
- 96% of companies use multiple solutions for their zero trust approach, with 56% using 4 or more
- 70% of companies must rely on vendor custom code for their zero trust solution integration
- 84% of companies have multiple integration approaches to make their zero trust strategy operational
- 99% of companies indicate zero trust solutions need to integrate with numerous other applications
- 94% report that easy integration is “very important” or “important”, with no participants indicating it was not important
- 78% indicate native integration is a key selection criterion for zero trust solutions zero trust