57% of Organizations Take Days or Weeks for Infrastructure Access to be Approved
Wednesday, June 29th, 2022
strongDM, the company behind the world's only People-First Access Platform, today released the results of its latest survey, the 2022 Access-Productivity Gap Report, which revealed that almost two-thirds of organizations have their productivity impacted on a daily or weekly basis due to access issues. The survey of 600 DevOps professionals highlights the consequences organizations can face when access is poorly managed and technical teams turn to workarounds to access critical systems.
Over Half of Technical Staff Wait Days or Weeks for Access to Critical Systems
The report shows that it takes days to add tools to existing access solutions for 40% of the organizations surveyed, with 21% of businesses waiting weeks or months. As a result, access, productivity and security create a negative loop. When technical staff is unable to access new tools, productivity is impacted. When that happens, it should come as no surprise that impatient employees will devise workarounds that create unintended security risks.
In an effort to keep data and systems secure, access to infrastructure and new tools is restricted to ensure security. But at what cost? Fifty-seven percent of organizations report that it can take days or weeks for access requests to be approved – which isn't counting the 10% of organizations that don't have clear SLAs for access at all. In the meantime, businesses experience lost productivity as they wait:
Access issues consistently impact productivity: 64% of organizations have their productivity impacted on a daily or weekly basis due to access issues
Significant time is lost simply accessing infrastructure: 73% of employees require 15 or more minutes to get access to infrastructure, with over a quarter (30%) requiring more than 30 minutes
Poor access practices means missed deadlines: 52% of development teams have missed deadlines due to issues with accessing infrastructure, with 53% of teams being held accountable for the missed deadline even if it was caused by lack of access to the required infrastructure
Complicated Access Can Lead to Data Breaches
Technical teams that are unable to access required resources often embrace risky workarounds in order to perform job functions. The data shows that 55% of IT, security and DevOps team members are maintaining backdoor access to systems and 42% have embraced "shadow IT" in order to get access to tools and systems needed for their roles. Further complicating matters, 53% of respondents are sharing credentials across teams, adding exceptional risk, especially since credentials are involved in a majority of all data breaches.
A People-First Approach Streamlines Access Without Compromising Security
Organizations looking to combat the access productivity gap should rethink access around the people that need it, making it both easier and more secure, rather than adding more user and administrator friction in an effort to improve security. Doing so has tangible benefits including:
Improved onboarding: Reducing the number of admin hours it takes to onboard new technical employees annually from 24 hours to 5 minutes, and the number of staff hours waiting to receive credentials from 48 hours to 16 hours
Simplified offboarding: Reducing the number of hours it takes to revoke credentials once an employee departs from 3 hours to 5 minutes
Reduced time managing access issues: In an organization who has 300 incidents per year with 6 engineers required per incident, it took on average 5 minutes to gather evidence with a people-first approach compared to eight hours with legacy approaches
Saved time means saved money: Organizations who adopted a people-first approach saved $1.9 million worth of employee labor hours
"Technical teams should not have to choose between access, productivity and security," said Tim Prendergast, CEO of strongDM. "In today's hybrid work environment, it is critical that organizations use a people-first approach to access management so that IT, security and DevOps teams can access what they need without opening their company up to added security risks. Too often, people spend more time setting up their connections to do work than they actually spend doing work. We need to make security more manageable. Doing so can create harmony between teams, administrators and end users while keeping everything secure."