40% of Enterprises Face High Likelihood of Outages According to State of Machine Identity Management Report
Wednesday, April 14, 2021
New Report from Keyfactor and Ponemon Institute Uncovers Significant Gaps in Enterprise Identity and Access Management Strategies
CLEVELAND, April 6, 2021 /PRNewswire-PRWeb/ -- Keyfactor, the leader in PKI as-a-Service and crypto-agility solutions, and Ponemon Institute today released the first-ever State of Machine Identity Management Report, a study exploring enterprises' ability to manage and protect machine identities, keys and certificates in digital business.
"Machine identities, such as keys, certificates and secrets, are essential to securing connections between thousands of servers, cloud workloads, IoT and mobile devices," said Chris Hickman, chief security officer at Keyfactor. "Yet the survey highlights a concerning and significant gap between plan and action when it comes to machine identity management strategy. Acknowledgement is a step in the right direction, but a lack of time, skilled resources and attention paid to managing machine identities makes organizations vulnerable to highly disruptive security risks and service outages."
Distributed workforces and the proliferation of connected devices have contributed to a rapid rise in the volume of machine identities. As a result, increased workloads, lack of visibility, misconfigurations and shorter SSL/TSL certificate lifespans are creating concern and risk for IT professionals and security leaders.
Additional key report findings:
-- Certificate-related outages are widespread: 88% of organizations
reported experiencing at least one unplanned outage due to expired
certificates in the past 24 months. Another 41% reported four or more
outages.
-- The rate of failed audits is rising: on average, organizations
experienced approximately five failed audits or compliance incidents due
to insufficient key management within the past 24 months. Compared to
other machine identity-related incidents, such as unplanned certificate
outages or theft and misuse of keys and certificates, audit failures are
considered the most serious, according to 75% of respondents.
-- Neglected SSH credentials and code signing keys are increasing security
risk: 57% of respondents do not have an accurate inventory of SSH keys
and 26% say they never rotate SSH credentials. Many enterprise teams
continue to store sensitive code-signing keys on build servers (33%) and
developer workstations (19%).
-- Enterprises are struggling to establish internal policies, governance
and best practices: only 1/3 of organizations report having a mature
cryptographic center of excellence (CCoE) to support the direction and
implementation of an enterprise-wide cryptography strategy.
-- Staffing shortages: 40% of respondents identified a lack of skilled
personnel as a barrier to setting an enterprise-wide cryptography and
machine identity strategy. Only 45% of teams say they have sufficient
staff dedicated to their PKI deployment.
"Mitigating machine identity risk and achieving zero trust are top priorities for teams hardening their overall security posture," said Hickman. "Having an enterprise-wide crypto-management strategy ensures best practices and automated processes are put in place to mitigate the risks that come with higher volumes of machine identities and increased workloads."
The study was conducted by Ponemon Institute on behalf of Keyfactor and includes responses from 1,162 IT and infosec executives and practitioners in North America and EMEA, spanning 12 industries, including financial services, healthcare, manufacturing, retail and automotive.
View the complete findings and download the 2021 State of Machine Identity Management Report today.
About Keyfactor
Keyfactor is the leader in cloud-first PKI-as-a-Service and crypto-agility solutions. Its Crypto-Agility Platform(TM) empowers security teams to seamlessly orchestrate every key and certificate across their entire enterprise. The company helps its customers apply cryptography in the right way from modern, multi-cloud enterprises to complex IoT supply chains.
With decades of cybersecurity experience, Keyfactor is trusted by more than 500 enterprises across the globe. Built on a foundation of trust and security, Keyfactor is a proud equal opportunity employer, supporter and advocate of growing a trusted, secure, diverse and inclusive workplace. For more information, visit http://www.keyfactor.com or follow us on LinkedIn, Twitter and Facebook.
Media Contact
Angela Tuzzo, MRB Public Relations, 732-758-1100, atuzzo@mrb-pr.com
Jamie Walker, Keyfactor, 802-338-0817, Jamie.walker@keyfactor.com
SOURCE Keyfactor
|
|
|
|
|
 |
Asetek - Mandatory Notification of Trade | Jan 22, 2026
|
 |
BC.GAME to Host "Stay Untamed" Night During Abu Dhabi's Packed Web3 Summit Week | Jan 22, 2026
|
 |
Tomorrowland Brings the Magic to Shanghai for a Spectacular First Indoor Edition in China | Jan 22, 2026
|
 |
Rent Manager Earned Best Real Estate Software Product Award and Multiple Review Badges from G2 Platform | Jan 22, 2026
|
 |
Auburn University's Applied Research Institute Expands Advanced Manufacturing Capabilities with CF3D Enterprise Cell | Jan 22, 2026
|
 |
California Divorce Mediation Center Unveils Modern Website Redesign | Jan 22, 2026
|
 |
AMPERA ANNOUNCES LOCATION FOR GLOBAL HEADQUARTERS | Jan 22, 2026
|
 |
Gemmy Alerts Customers: Fake Websites Target Holiday Decorators | Jan 22, 2026
|
 |
Culture and tourism sectors thrive in Xiamen | Jan 22, 2026
|
 |
Immutable Announces First Co-Founder-Hosted Live Webinar: How to Dominate Your Steam Launch | Jan 22, 2026
|
|
|