Why the channel must tackle identity sprawl to increase cyber resilience


Due to a number of factors, such as the migration to remote working and the adoption of robotic process automation (RPA), the number of identities that organisations now have to contend with has more than doubled. This includes internal, third party, and customer identities.

This “identity sprawl” ultimately equates to more security challenges that need addressing. Coupled with the fragmented way organisations tackle the management of access rights, identity sprawl could be the recipe for disaster for enterprises which aren’t looking to mitigate the inconsistencies, gaps, and extended attack surface of today’s digital environments.

What causes identity sprawl?

The disappearance of the traditional office infrastructure while employees work from home has meant that new remote access points had to be created for those organisations that were still operating completely on-prem. This also forced a, sometimes premature, digital transformation, as all businesses had to swiftly move their assets to the cloud to continue to operate during the pandemic.

The forced digital transformation brought about by the pandemic also pushed many enterprises to adopt new platforms and technologies to accommodate remote operations and remote access, optimise efficiency and accessibility, and save costs. Also linked to cost-saving is the mass adoption of RPA technology, which allows companies to outsource to robots the repetitive, time-consuming processes that would have otherwise been completed manually.

Do we need to be worried?

Identity sprawl might easily be the next big challenge in cybersecurity. According to the 2021 Verizon Data Breach Investigations Report, 80% of cyber incidents include the exploitation of identities. Employees, third-party contractors, robots, machines, and devices with credentials that give them access to company assets, are all risk factors organisations need to have a strategy to manage.

In fact, 8 in 10 security experts interviewed as part of a recent research from One Identity into the phenomenon of identity sprawl said the identities they manage have doubled, while 25% said they have increased by a factor of 10 or more. If we think of each of these identities as a key to the organisation’s network, this increase becomes even more concerning: every extra set of keys increases the chance that they might fall into the wrong hands and provide access to sensitive data and critical systems. It shouldn’t therefore come as a surprise that 95% of the experts interviewed said they find managing identities a challenge.

What to expect in the future of identity access management

Industry experts recognise that ransomware (66%), phishing (52%) and RPA adoption concerns remain top of mind (94 % of organisations who have deployed bots or RPA report challenges securing them). Therefore, companies must plan to bolster business resiliency where they can – including investing in enhanced identity and governance administration (IGA) and privileged access management (PAM) solutions that can secure and govern growing identity ecosystems.

Identity sprawl will likely also have an effect on how zero trust architecture is adopted by enterprises. More and more companies are adopting the “never trust, always verify” mantra to manage their risk as cloud-based systems, remote work, and connected devices dissolve network perimeters. This is a step in the right direction, as it responds to the needs of the businesses of the future, which are likely to remain flexible in terms of remote working, and the continued reliance on cloud-based assets outside their own network boundaries. This shift will provide channel partners a growth opportunity - as strong security starts with identity.

What can the channel do?

Channel partners in the IAM space have the chance to spearhead efficiency and cyber resilience by tackling identity sprawl and promoting a 360 view of all identities, including approaching identity security from a holistic and unified perspective. As technology is validated by analysts such as Gartner or Forrester, benchmark reports are produced and partners can use this analyst data to help investigate the full extent of a customer’s challenges and use it to re-enforce their technology positioning to meet their needs.

To assist channel partners in extending their knowledge, vendors should also adapt their partner learning experiences to provide more immersive sessions. These include video-based training with associated testing, plus hands-on bootcamps that bring together like-minded peers. It’s a place where the training and discussions help partners understand and then apply the technology to their own customers’ unique needs. Technical training has also evolved to deliver self-paced learning so consultants and other security experts can consume the material at a time that is convenient to them.

Andrew Clarke is head of partnerships & alliances at One Identity