How would you rate your current processes for managing/governing machine identities (API tokens, service accounts, etc)?

Process ManagementIdentity & Access Management (IAM)

Very effective5%

Effective37%

Somewhat effective25%

Somewhat ineffective19%

Ineffective11%

Very ineffective3%

Unsure

63 PARTICIPANTS
321 viewscircle icon1 Comment
Sort by:
CISO in Software6 months ago

What is the most popular solution in this space that most people are using?

Lightbulb on1

Content you might like

How does your company split tech spending between “IT” and “Platform” categories?

All spend considered as IT37%

3/4 IT and 1/4 Platform43%

1/2 IT and 1/2 Platform15%

All spend considered as Platform4%

View Results

From your POV, what’s the current state of your resources/funding for data security governance efforts, overall?

Excellent (more than enough)11%

Good (we have enough to reach our goals)52%

Acceptable (could be better but we make do)34%

Poor/unacceptable (more funding needed ASAP)3%

Unsure / other

View Results

A common challenge in our risk-tiering framework for suppliers is that even the lowest risk tier still requires processing.
Has anyone implemented a "not relevant" risk tier in their model?
This tier would apply to vendors posing genuinely negligible security risk.

Apart from applying the patches just released, what other mitigation tactics are you using to address the zero-day SharePoint vulnerabilities impacting on-premises servers?

Thoughts on Copilot Vision? Do you think it presents more or less the same security concerns as Recall, even though it doesn’t constantly run in the background?