Home
Topics
Enterprise Identity and Access Management
User Authentication Services
Two-Factor and Multifactor Authentication Strategies
Inside the numbers: Access (out of) control?

Article

Inside the numbers: Access (out of) control?

SearchSecurity.com Staff

Check out our special report, Access (out of) control?:

Day 1: When access management becomes rocket science
Security can be a hard sell beyond the IT realm, even for security pros at NASA. But nothing motivates people like regulatory pressure and a fear of being the next data breach headline.

Day 2: Looking ahead to life without passwords
Security pros know that passwords are nothing but trouble. For them, single-sign on, two-factor authentication and federated ID represent the path to stronger authentication.

Day 3: Active directory users finding their way
Many IT shops use Microsoft Active Directory to manage network access. Some say it's difficult, but others are using it as a key tool in successfully managing network access.

Requires Free Membership to View

SearchSecurity.com members gain immediate and unlimited access to breaking industry news, virus alerts, new hacker threats, highly focused security newsletters, and more -- all at no cost. Join me on SearchSecurity.com today!

Michael S. Mimoso, Editorial Director

By submitting your registration information to SearchSecurity.com you agree to receive email communications from TechTarget and TechTarget partners. We encourage you to read our Privacy Policy which contains important disclosures about how we collect and use your registration and other information. If you reside outside of the United States, by submitting this registration information you consent to having your personal data transferred to and processed in the United States. Your use of SearchSecurity.com is governed by our Terms of Use. You may contact us at webmaster@TechTarget.com.



		1. What are your top three ID and access management priorities for 2006? (Select up to three.)*
		48.3%	Strengthening authentication
		44.1%	Better leveraging Active Directory or other directory services
		31.6%	Better managing passwords
		25.4%	SSO or reduced sign-on for enterprise applications
		22.9%	Granting or denying access based on a computer's configuration/threat level
		* - Top five most-popular results listed

		2. Rate the following business drivers based on how important an impact they have in motivating an investment in ID and access management at your organization.
		Meeting regulatory demands (SOX, GLBA, HIPAA, FFIEC):
		46.4%	Very important
		24.6%	Important
		4.2%	Not very important
		3.1%	Not at all important

		Improving employee or trusted user access to information:
		41.3%	Very important
		42.7%	Important
		2.2%	Not very important
		0.3%	Not at all important

		Improving semi-trusted user (extranet, partner, supplier, consultant) access to information:
		22.6%	Very important
		38.8%	Important
		10.0%	Not very important
		3.4%	Not at all important

		Enhancing security (reducing access breaches/abuse/misuse):
		60.9%	Very important
		26.8%	Important
		1.1%	Not very important
		0.0%	Not at all important

		Lowering TCO through consolidation:
		22.4%	Very important
		38.1%	Important
		8.7%	Not very important
		2.8%	Not at all important

		Reducing password reset requests to help desk:
		26.8%	Very important
		36.3%	Important
		8.9%	Not very important
		3.6%	Not at all important

		Freeing up IT resources managing user stores:
		27.1%	Very important
		37.2%	Important
		6.4%	Not very important
		1.1%	Not at all important

		Easing user access experience:
		40.8%	Very important
		40.5%	Important
		2.2%	Not very important
		0.8%	Not at all important


		3. Rate your satisfaction with the following ID and access management products/services deployed in your organization. *

		Password management:
		9.8%	Very satisfied
		36.0%	Satisfied
		20.1%	Not very satisfied
		2.8%	Not at all satisfied

		Authentication servers (RADIUS, RAS, LDAP):
		15.4%	Very satisfied
		43.0%	Satisfied
		5.0%	Not very satisfied
		1.4%	Not at all satisfied

		Authentication tokens:
		12.3%	Very satisfied
		31.3%	Satisfied
		5.9%	Not very satisfied
		1.4%	Not at all satisfied

		Smart cards:
		7.3%	Very satisfied
		18.7%	Satisfied
		5.0%	Not very satisfied
		2.0%	Not at all satisfied

		Digital certificates:
		12.0%	Very satisfied
		39.0%	Satisfied
		7.5%	Not very satisfied
		2.0%	Not at all satisfied

		Biometrics:
		3.1%	Very satisfied
		11.5%	Satisfied
		6.7%	Not very satisfied
		2.0%	Not at all satisfied

		Directories (Active Directory, LDAP)/directory services:
		17.0%	Very satisfied
		51.7%	Satisfied
		5.9%	Not very satisfied
		0.3%	Not at all satisfied

		Enterprise single sign-on:
		7.5%	Very satisfied
		22.4%	Satisfied
		13.1%	Not very satisfied
		3.9%	Not at all satisfied

		Web single sign-on:
		7.3%	Very satisfied
		29.4%	Satisfied
		10.1%	Not very satisfied
		2.0%	Not at all satisfied

		Federated ID management:
		3.4%	Very satisfied
		11.2%	Satisfied
		9.2%	Not very satisfied
		2.2%	Not at all satisfied

		Automated provisioning/deprovisioning systems:
		2.8%	Very satisfied
		18.4%	Satisfied
		10.1%	Not very satisfied
		2.8%	Not at all satisfied

		Endpoint security systems:
		7.8%	Very satisfied
		31.8%	Satisfied
		6.4%	Not very satisfied
		2.0%	Not at all satisfied

		IPSec VPNs:
		22.4%	Very satisfied
		39.1%	Satisfied
		4.5%	Not very satisfied
		0.0%	Not at all satisfied

		SSL VPNs:
		19.6%	Very satisfied
		37.7%	Satisfied
		3.6%	Not very satisfied
		1.4%	Not at all satisfied
		* - Other responses include "neither" and "don't know/does not apply."

		4. Will you be spending more, less or the same amount of money on the following products/services this year compared to last year?
		Password management:
		22.9%	Spending more
		55.9%	Spending the same
		5.6%	Spending less
		15.6%	Not spending

		Authentication servers (RADIUS, RAS, LDAP):
		17.3%	Spending more
		57.0%	Spending the same
		6.2%	Spending less
		19.6%	Not spending

		Authentication tokens:
		23.7%	Spending more
		40.0%	Spending the same
		5.3%	Spending less
		31.0%	Not spending

		Digital certificates:
		23.7%	Spending more
		52.5%	Spending the same
		3.1%	Spending less
		20.7%	Not spending

		Smart cards:
		15.1%	Spending more
		33.8%	Spending the same
		4.5%	Spending less
		46.7%	Not spending

		Biometrics:
		13.7%	Spending more
		25.1%	Spending the same
		4.8%	Spending less
		56.4%	Not spending

		Directories (Active Directory, LDAP)/directory services:
		26.8%	Spending more
		59.2%	Spending the same
		3.6%	Spending less
		10.3%	Not spending

		Enterprise single sign-on:
		28.2%	Spending more
		41.6%	Spending the same
		3.1%	Spending less
		27.1%	Not spending

		Web single sign-on:
		21.2%	Spending more
		42.2%	Spending the same
		4.5%	Spending less
		32.1%	Not spending

		Federated ID management:
		14.5%	Spending more
		32.7%	Spending the same
		5.3%	Spending less
		47.5%	Are not spending

		Automated provisioning/deprovisioning systems:
		19.0%	Spending more
		40.5%	Spending the same
		3.4%	Spending less
		37.2%	Are not spending

		Endpoint security systems:
		24.3%	Spending more
		46.7%	Spending the same
		3.1%	Spending less
		26.0%	Are not spending

		SSL VPNs:
		22.9%	Spending more
		50.6%	Spending the same
		3.6%	Spending less
		22.9%	Are not spending

		IPSec VPNs:
		21.2%	Spending more
		54.2%	Spending the same
		5.0%	Spending less
		19.6%	Are not spending

		5. Rate the following obstacles related to ID and access management.
		Coping with multiple password policies:
		22.1%	It's a significant problem
		40.8%	It's a problem
		30.5%	It's not a problem

		Dealing with slow, manual processes for provisioning/deprovisioning accounts:
		20.7%	It's a significant problem
		45.0%	It's a problem
		21.5%	It's not a problem

		Managing/consolidating multiple identity stores:
		21.5%	It's a significant problem
		42.2%	It's a problem
		21.2%	It's not a problem

		Handling password resets:
		10.9%	It's a significant problem
		45.5%	It's a problem
		38.8%	It's not a problem

		Determining proper approvals and workflow for provisioning new accounts:
		16.5%	It's a significant problem
		41.6%	It's a problem
		31.0%	It's not a problem

		Creating and managing a consistent set of permissions for users across different applications with different identity stores or authorization mechanisms:
		30.5%	It's a significant problem
		45.3%	It's a problem
		17.0%	It's not a problem

		Determining ROI for ID and access management projects:
		14.8%	It's a significant problem
		39.7%	It's a problem
		24.3%	It's not a problem

		Mapping activities to compliance requirements:
		19.0%	It's a significant problem
		41.9%	It's a problem
		26.0%	It's not a problem

		6. Share your impressions of the following statements.
		My company still uses a manual process for provisioning accounts and determining access rights.
		71.2%	True
		21.0%	False

		Regulations are motivating us to automate ID and access management processes.
		52.5%	True
		29.6%	False

		Giving partners and suppliers access to our systems would enable a more efficient supply chain process.
		40.5%	True
		29.1%	False

		We will investigate deploying a new strong authentication mechanism this year.
		46.7%	True
		34.6%	False

		We run multiple directories from different vendors.
		46.7%	True
		34.6%	False

		Our users have to remember too many passwords.
		73.7%	True
		21.2%	False

		Business unit managers and HR see themselves as key stakeholders in ID and access management projects.
		29.1%	True
		50.8%	False

		Upper-level management is a strong supporter of ID and access management improvements.
		52.2%	True
		33.0%	False

		7. Which of the following directory services/group policy/provisioning vendors do you use? (Select all that apply.)*
		84.6%	Microsoft
		24.0%	Sun Microsystems/Symantec (tie)
		23.5%	IBM
		19.3%	Novell
		14.0%	CA
		* - Top five most-popular results listed

		8. Which of the following companies is your primary directory/policy/provisioning vendor?*
		64.5%	Microsoft
		8.1%	Novell
		4.7%	IBM
		4.5%	Other
		3.9%	Sun Microsystems/Symantec (tie)
		* - Top five most-popular results listed

		9. Which of the following vendors do you use for authentication/authorization? (Select all that apply.)*
		72.6%	Microsoft
		33.0%	Cisco Systems
		26.0%	RSA Security
		20.7%	Verisign
		14.5%	IBM
		* - Top five most-popular results listed

		10. Which of the following vendors do you use for network access control/endpoint security? (Select all that apply.)*
		52.5%	Cisco Systems
		49.4%	Microsoft
		20.4%	McAfee
		15.6%	None
		11.5%	Symantec (Sygate)
		* - Top five most-popular results listed

		11. Which of the following companies is your primary network access control/endpoint security vendor?*
		39.1%	Cisco Systems
		34.9%	Microsoft
		11.7%	Other
		5.9%	McAfee
		5.3%	Symantec (Sygate)
		* - Top five most-popular results listed

Related Topics: Two-Factor and Multifactor Authentication Strategies, Enterprise Single Sign-On (SSO), Password Management and Policy, VIEW ALL TOPICS

Dig Deeper

Articles

Related glossary terms

Terms for Whatis.com - the technology online dictionary

Show me more

Join the conversationComment

Comments

Results

Contribute to the conversation

All fields are required. Comments will appear at the bottom of the article.

Latest Headlines

Featured

Topics

Hot Topics

Advice & Tutorials

Technology Dictionary

Tips

Answers

Ask a Question

Research Library

Product Demos

Resource Centers

Blogs

Inside the numbers: Access (out of) control?

Requires Free Membership to View

Dig Deeper

Articles

Related glossary terms

Join the conversationComment

Share

Comments

Results

Contribute to the conversation

Latest News

More from Related TechTarget Sites