Skip to main content
banner image
venafi logo

How Much Do Financial Service Organizations Struggle with Machine Identities?

How Much Do Financial Service Organizations Struggle with Machine Identities?

Financial Services Machine Identity Protection
December 3, 2018 | Eva Hanscom

Managing user and machine identities, as well as privileged access to business data and applications, is an enormous undertaking that has serious security ramifications—especially for financial services organizations.

Traditionally, the focus for IAM programs has been people-centric. However, with the recent increase in the number of machines on enterprise networks, shifts in technology, and the latest computing capabilities, a new set of challenges have emerged for financial service organizations, requiring an increased focus on the protection of machine identities.

Venafi recently published results of a June 2018 commissioned study titled Securing The Enterprise With Machine Identity Protection. Conducted by Forrester Consulting on behalf of Venafi, the study examined the views of 116 IT security professionals from financial services and insurance organizations in the U.S., U.K., Germany, France and Australia.

According to the study, “Newer technologies, such as cloud and containerization, have expanded the definition of machine to include a wide range of software that emulates physical machines. Furthermore, these technologies are spawning a tidal wave of new, rapidly changing machines on enterprise networks. To effectively manage and protect machine identities, organizations need: complete visibility of all machine identities across their networks; actionable intelligence about each machine identity; and the capabilities to effectively put that intelligence into action at machine speed and at scale.”

A key finding from the Venafi study reveals that eighty percent of financial services respondents, who are responsible for identity and access management (IAM), believe automated communications between machines on their organizations’ networks are mostly secure.

For example, 71% of respondents believe effective protection of machine identities is critical to the long-term security and viability of their companies. However, on average, financial services organizations are only tracking 42% of the most common types of machine identities.

The study assessed the number of respondents who follow the progress of specific machine identities and found the following:

  • Only 56% track cloud platform instance machine identities.
  • Just 55% track physical server machine identities.
  • Less than half (48%) track mobile device machine identities.
  • Nearly a third (34%) track the machine identities of SSH keys.
  • Only 28% track the machine identities of containers.
  • Just 26% track the machine identities of microservices.

Additional findings from the study include:

  • 41% say the lack of system administrator focus on machine identity use and protection is their greatest machine identity protection challenge, while 41% say it’s the lack of automated processes to inventory machine identities.
  • 60% are most concerned about internal data theft or loss as a consequence of weak machine identity protection, while 58% are most concerned about customer data theft or loss.
  • 45% believe machine identity protection will be a higher priority than human identity protection within the next two years.

“Financial services organizations have more work to do in order to make sure their machine identities are protected, and we know these issues are not unique to a specific industry,” says Jeff Hudson, CEO of Venafi. “Despite the importance of machine identities, most organizations are overwhelmed by the sheer number of them on their networks, and they don’t have the visibility, intelligence or automation necessary to take the necessary steps to close the gaping hole in security.”

Want to learn more about the study? Check out the webpage below for additional information:
https://www.venafi.com/forrester-whitepaper

Related posts

Subscribe to our Weekly Blog Updates!

Join thousands of other security professionals

Get top blogs delivered to your inbox every week

See Popular Tags

You might also like

man sitting on chair and thinking

Venafi Study: Are Financial Service Organizations More Likely to Suffer Certificate-Related Outages?

accessec, APIIDA, Crypto4A, Difenda

Six Groundbreaking Machine Identity Protection Developers Gain Funding

code signing certificates, Code Signing, Stuxnet, ShadowHammer

Study: How Well Are You Protecting Code Signing Certificates?

About the author

Eva Hanscom
Eva Hanscom

Eva Hanscom writes for Venafi's blog and is an expert in machine identity protection.

Read Posts by Author
get-started-overlay close-overlay cross icon
get-started-overlay close-overlay cross icon
Venafi Risk assessment Form Image

Sign up for Venafi Cloud


Venafi Cloud manages and protects certificates



* Please fill in this field Please enter valid email address
* Please fill in this field Password must be
At least 8 characters long
At least one digit
At last one lowercase letter
At least one uppercase letter
At least one special character
(@%+^!#$?:,(){}[]~`-_)
* Please fill in this field
* Please fill in this field
* Please fill in this field
*

End User License Agreement needs to be viewed and accepted



Already have an account? Login Here

×
get-started-overlay close-overlay cross icon

How can we help you?

Thank you!

Venafi will reach out to you within 24 hours. If you need an immediate answer please use our chat to get a live person.

In the meantime, please explore more of our solutions

Explore Solutions

learn more

Email Us a Question

learn more

Chat With Us

learn more
Chat