Gartner on challenges facing IAM programs

CIOL Bureau

EGHAM, UK: The number of organisations using software tools to manage passwords for shared accounts grew 50 per cent worldwide in 2007, according to Gartner, making it one of the fastest-growing identity and access management (IAM) markets. Analysts predict that the shared-account password management (SAPM) market will continue to exhibit strong growth and that more than half of large organisations will use SAPM tools by the end of 2010.


Growth has been driven largely by regulatory compliance, especially where regulations such as the Payment Card Industry Data Security Standard (PCI DSS) require personal accountability. “Two or three years ago, the adoption of SAPM tools was largely focused on larger financial services companies,” said Ant Allan, research vice president at Gartner. “However, compliance has further driven growth across a variety of vertical industries and sizes of organisations. SAPM tools can minimise the risks associated with the use of shared accounts, improve regulatory compliance, and reduce operational costs.”

Gartner estimates that around half of the organisations using SAPM tools are large (i.e. organisations with 5,000 employees or more), around two-thirds are based in North America and a quarter are based in Europe, the Middle East and Africa (EMEA). One fifth are in banking and other financial services.

“SAPM tools have emerged as best practice for managing shared-account passwords,” said Allan. “Increasingly, they are also being used to manage security and operational risks for software-account passwords used for application-to-application (A2A) and application-to-database (A2DB) access. However, implementation may require an organisation to change every calling application, which could create a significant bottleneck to roll-out.”


Gartner recommends that organisations use a SAPM tool to automate processes and enforce controls for shared superuser accounts and shared firecall accounts that provide higher-than-normal privileges for emergency access outside normal working hours. “Organisations considering using SAPM tools to manage passwords for software accounts need to do so as part of a broader application security strategy,” concluded Allan.