Sign in to search Gartner Research
Analysts to Explore the Challenges Facing Identity and Access Management Programmes at Gartner Identity and Access Management Summit, London, 23-24 June 2008
The number of organisations using software tools to manage passwords for shared accounts grew 50 per cent worldwide in 2007, according to Gartner, making it one of the fastest-growing identity and access management (IAM) markets. Analysts predict that the shared-account password management (SAPM) market will continue to exhibit strong growth and that more than half of large organisations will use SAPM tools by the end of 2010.
Growth has been driven largely by regulatory compliance, especially where regulations, such as payment card industry data security standard (PCI DSS), require personal accountability. “Two or three years ago, the adoption of SAPM tools was largely focused on larger financial services companies,” said Ant Allan, research vice president at Gartner. “However, compliance has further driven growth across a variety of vertical industries and sizes of organisations. SAPM tools can minimise the risks associated with the use of shared accounts, improve regulatory compliance, and reduce operational costs.”
Gartner estimates that around half of organisations using SAPM tools are large (i.e. organisations with 5,000 employees or more), around two thirds are based in North America and a quarter is based in Europe, the Middle East and Africa (EMEA). One fifth is in banking and other financial services.
“SAPM tools have emerged as best practice for managing shared-account passwords,” said Mr Allan. “Increasingly, they are also being used to manage security and operational risks for software-account passwords used for application-to-application (A2A) and application-to-database (A2DB) access. However, implementation may require an organisation to change every calling application which could create a significant bottleneck to roll out.”
Gartner recommends that organisations use a SAPM tool to automate processes and enforce controls for shared superuser accounts and shared firecall accounts that provide higher than normal privileges for emergency access outside normal working hours. “Organisations considering using SAPM tools to manage passwords for software accounts need to do so as part of a broader application security strategy,” concluded Mr Allan.
Gartner analysts will further discuss how organisations can manage individuals’ use of shared accounts in a controlled and auditable manner at the Gartner’s Identity & Access Management Summit, taking place 23-24 June 2008 in London. The conference brings together a compelling blend of Gartner expertise, end-users and vendors in four tracks, including new research and best practice advice, real-life case studies, interactive panels and solution provider sessions over two days.
To register for the Summit, please contact Holly Winter, Gartner Public Relations, on +44 1784 267738 or email her at email@example.com. For more information on the Summit and the full agenda, please visit the Gartner IAM Summit website at www.europe.gartner.com/iam
Gartner, Inc. (NYSE: IT) is the world's leading information technology research and advisory company. Gartner delivers the technology-related insight necessary for its clients to make the right decisions, every day. From CIOs and senior IT leaders in corporations and government agencies, to business leaders in high-tech and telecom enterprises and professional services firms, to technology investors, Gartner is the valuable partner in over 13,000 distinct organizations. Through the resources of Gartner Research, Gartner Executive Programs, Gartner Consulting and Gartner Events, Gartner works with every client to research, analyze and interpret the business of IT within the context of their individual role. Founded in 1979, Gartner is headquartered in Stamford, Connecticut, U.S.A., and has 5,500 associates, including 1,400 research analysts and consultants, and clients in 85 countries. For more information, visit www.gartner.com.
Comments or opinions expressed on this blog are those of the individual contributors only, and do not necessarily represent the views of Gartner, Inc. or its management. Readers may copy and redistribute blog postings on other blogs, or otherwise for private, non-commercial or journalistic purposes. This content may not be used for any other purposes in any other formats or media. The content on this blog is provided on an "as-is" basis. Gartner shall not be liable for any damages whatsoever arising out of the content or use of this blog.