Infrastructure access and security.

Teleport this morning has released their 2022 State of Infrastructure Access and Security Report. The report details different challenges for DevOps, security engineering, and other security professionals.

Access control management.

Researchers analyzed how organizations manage the varied technology architectures and locations they use. Respondents were surveyed about the tools their organizations use to grant access, and how those tools have changed over time. 80% of respondents report using passwords to grant access to infrastructure, up 10% from 70% last year's tally. Those surveyed were also asked about their access policy systems, and it was reported that the average number of such systems in an organization is 5.7, which means among other things that there's a chance former employees could still be active in a system or two.

Confidence and clarity.

Respondents were asked how confident they were that, once an employee leaves their company, all of their access is revoked. Less than a quarter of those surveyed said that they had 100% confidence, and almost half of the companies are less than 50% sure of the lack of access. 57% of respondents also report that new security measures have been put in place that were not adopted by employees.

Evolutions in infrastructure access and costs.

87% of those surveyed report finding it important to move toward a passwordless infrastructure, which is up 10% from 2021. 77% of respondents report currently making an active attempt to implement passwordless access, and 78% of respondents are actively working on utilizing biometric authentication. 85% of respondents report increases in spending on security, and most of those surveyed (94%) strongly agree or somewhat agree on the importance of automating infrastructure access to reduce the costs of compliance.