Report reveals an overwhelming majority of organizations are already working on an authorization strategy.
PlainID has released its 2022 State of Access and Authorization Report, examining identity as the new enterprise perimeter. Based on research conducted with IT and security professionals throughout North America and the UK, the report reveals that authorization is a rising priority in identity and access management (IAM). It also revealed that organizations are needing to consolidate and standardize access control and authorization for a stronger security strategy.
Compared to last year, when strong authentication was the top IAM-related cybersecurity priority, in 2022 IAM priorities shifted with authorization-related, the report indicates a shift in IAM priorities in 2022, with authorization-related initiatives such as run-time access (62%), API access control (51%), and policy-based access control gaining traction (43%). This shift is driven from the top, with C-suite ranking authorization initiatives at the highest levels.
“Modern businesses are shifting to zero trust security architecture, while also adopting a more identity-centric approach to security. Authorization is the missing piece of the puzzle that can support organizations in achieving digitization and modernization, and bridge the gap between security and IAM,” said Oren Ohayon Harel, CEO and co-founder, PlainID.
- With the shift to identity-first security and with security perimeters now spread across data, APIs, applications, and more, managing access has become highly complex, manual, and distributed across multiple systems. This is driving the need for standardization and scale, which were reported as the top two drivers for authorization solutions, at 25% and 17%, respectively.
- The implementation of advanced authorization and access control methods such as attribute-based access control (46%) and policy-based access control (44%) are closing in on traditional and basic methods such as access control list (52%) and role-based access control (60%)
- When asked about their authorization strategy, almost all (96%) of the organizations have already implemented their approach or are in the process of developing it. Respondents were almost equally split in terms of where they are on their roadmap, with just over a third (35%) of companies already having an authorization strategy in place. A further 31% have defined their strategy ready to implement in 2022, while 30% are in the process of deciding on their strategy, with plans to implement it over the next five years.
“As the enterprise perimeter shifts and data and APIs become a target, as well as the continuing growth of multi-cloud usage and work from home initiatives, security technologies and strategy need to change if organizations are to meet their objectives,” added Harel.
Research was carried out in Q4 2021 across 200 respondents from manager to C-level in IT or security roles. Respondents were located in the UK, US, and Canada. All companies surveyed had more than 2,000 employees overall.
To download a full copy of the 2022 State of Access and Authorization Report, visit https://go.plainid.com/state-of-access-control-and-authorization