Aembit reveals 2024 report on non-human identity security gaps in Maryland

On September 22, 2024, Aembit, a company specializing in non-human identity and access management, released its 2024 Non-Human Identity Security Report. The report highlights significant security gaps in how organizations manage non-human identities, such as applications and service accounts. It reveals that many organizations still rely on outdated methods and manual practices, which are inadequate in the face of increasing breaches targeting non-human identities. The survey, which included responses from 110 IT and security professionals, found that 88.5% of organizations believe their non-human identity access management (IAM) practices are lagging behind user IAM efforts. Alarmingly, only 19.6% of respondents expressed strong confidence in their non-human IAM practices, indicating a widespread lack of trust in current security measures. Insecure practices were prevalent, with 30.9% of respondents admitting to storing long-term credentials directly in code and 23.7% sharing sensitive information through insecure channels like email. Additionally, 35.6% of organizations reported difficulties in managing non-human identity security across complex multi-cloud environments, highlighting the challenges posed by modern IT architectures. David Goldschlag, co-founder and CEO of Aembit, emphasized the critical role of non-human identities in digital ecosystems and the urgent need for organizations to elevate their security practices. The findings underscore the necessity for a more holistic approach to managing non-human identities, especially as businesses increasingly automate and expand their cloud environments.