Micro Focus and Ponemon Global Survey Finds the Demand for Delivering Business Innovation Faster Leads to Strains on Cybersecurity

Report reveals that IT is struggling to deploy basic security processes like identity and access governance due to the high pace of business change

21 September 2016

Micro Focus (LSE: MCRO.L), in partnership with the Ponemon Institute, announced today results of a new global survey focused on explaining why business innovation and IT security often do not go hand in hand. Results demonstrated that organizations know how to improve security; however, due to pressures caused by the rate of business change, including the adoption of new technologies and applications, organizations are sacrificing security for the speed of business.

"All enterprise organizations are under pressure to drive business innovation in order to respond to changes in the competitive landscape, and to meet changing customer expectations," said Dr. Larry Ponemon, chairman and founder, Ponemon Institute. "This is fueling a trend toward digitalization as more resources and interaction move online, requiring greater and freer access to online information sources. Yet the survey shows that the security, access management, and governance processes to support this digitalization are not yet in place."

Survey respondents recognize the need to provide access in a timely manner for business users, unfortunately the processes are difficult to manage, and the resources to support this effort are scarce. Responding to the need to grant access to information more quickly, organizations are prematurely empowering business users to manage access themselves. This leads to increased risk to sensitive information such as customer data and employee information, and further widens existing gaps in controls, such as for mainframe systems.

Key survey findings revealed that:

  • 62 percent said they cannot keep up with the rate of change or apply controls that are sufficiently broad to keep information secure.
  • 44 percent believe that the process of granting access is burdensome.
  • 64 percent say that customer information is at risk because of poor access controls.
  • 47 percent say that there is a risk to employee information as a result of poor access controls
  • 49 percent believe IoT is a significant trend affecting identity and access management (IAM).

Room for Improvement

To reduce risk, yet still empower the business to make information access decisions, organizations must re-evaluate current security strategies and processes. Survey findings revealed these top trends for reducing risk:

  • 48 percent believe that good identity and access management (IAS) technology can be successful in achieving business process goals.
  • 69 percent see multifactor authentication as an important technology for enforcing access management.

"Some organizations may be confident they have the right controls in place but they should prepare for significant changes brought about by trends such as continued adoption of cloud services, the accelerating move to mobile, and of course, the Internet of Things," commented Geoff Webb, vice president, Strategy at Micro Focus. "Organizations will continue to adopt more automated, integrated, and secure commercial solutions for managing and governing access to facilitate the rapid and seamless information exchanges that provide the fuel for business innovation on a global scale."

Recommendations for the Enterprise:

To enable the shift towards more automated, integrated, and secure solutions for managing and governing access businesses must:

  • Create a more collaborative relationship between the security and IT teams. Companies are looking to move to mobile platforms and the cloud, and will therefore need to bridge the gap between the need of organizational security and the need of the business. Security cannot be an afterthought in this process; both teams need to continually collaborate for secure, best business processes.
  • Create a process to verify user identity. Granting access based on privileged identities is a must for the integrated and always-on businesses of today. Businesses will need guidance and guardrails from IT in order to create and maintain best practices for granting access. It’s important that the security and IT team work together to create these processes to ensure risk does not build over time.
  • Move away from homegrown systems. These internally built systems will not scale and are not flexible enough to include the use of mobile platforms and the eventual shift to the cloud. Although homegrown solutions may have worked in the past, they are not sustainable as the rate of change within the business will continue to accelerate and process changes, and systems need to be in place to keep up with this change.

The full Global Trends in Identity Governance & Access Management report can be downloaded here.

About Micro Focus

Micro Focus (LSE: MCRO.L) is a global enterprise software company helping customers innovate faster with lower risk. Our software helps customers build, operate and secure IT systems that bring together existing business logic and applications with emerging technologies to meet increasingly complex business demands. For more information, visit: www.microfocus.com.

Media Contact:

Anne Trapasso, Voce Communications
(312) 552-6327

Certain versions of content ("Material") accessible here may contain branding from Hewlett-Packard Company (now HP Inc.) and Hewlett Packard Enterprise Company. As of September 1, 2017, the Material is now offered by Micro Focus, a separately owned and operated company. Any reference to the HP and Hewlett Packard Enterprise/HPE marks is historical in nature, and the HP and Hewlett Packard Enterprise/HPE marks are the property of their respective owners.