2025年IGA现状调研报告

Table of Contents Introduction and Key Findings ..............................................................................................................................................................................................................3Survey Report Findings............................................................................................................................................................................................................................7IGA Is a Predominately Manual Activity ........................................................................................................................................................................................... 8The UK is Ahead of the US in IGA Automation...............................................................................................................................................................................9Integration and Customization are the Roadblocks to Automated IGA............................................................................................................................. 10Organizations Struggle to Govern Application Permissions Due to Integration Issues.................................................................................................. 11Compliance Drives User Access Reviews, With Most Organizations Having 5+ Compliance Obligations............................................................. 12The Scope of User Access Reviews is Increasing, With No End in Sight............................................................................................................................. 13Large Efforts are Required to Complete User Access Reviews to Auditor Satisfaction.................................................................................................14Orphaned and Excessive Permissions are a Pervasive Problem ............................................................................................................................................ 15 Introduction and Introduction & Methodology As the traditional network security perimeter has dissolved, with applications moving to the cloud, it is widely accepted that identity isboth the new perimeter and the top vector of cyberattack. Organizations are dealing with increasing compliance mandates, expandingapplication environments, and more applications owned by a wider range of staff (both IT and non-IT). However, legacy IdentityGovernance and Administration (IGA) tools have been around for twenty years or more, andthey simply weren’t built to meet this As the leading provider of Modern Identity Governance and Administration, Zilla Security provides a SaaS platform that automates theprocesses of identity compliance, provisioning, and security. Weembarked on this report to uncover the true state of IGA in today’senterprises. Where are identity and security leaders on their automation roadmap? How much of a struggle are they finding everyday The results shine a light on an industry that’s starting to mature,but where just 6% are fully invested in automating IGA processes. Yetthe majority are seeing the negative impact of a reliance on manual execution. Methodology To get more insight into the state of IGA processes today, we commissioned a survey of 300 Identity Management leaders, with 80%from the U.S. and 20% from the U.K. The respondents were split evenly between companies with 250 to 1,500 employees and thosewith 1,501 to 15,000 employees. We chose 40% of respondents from organizations in the financial services sector, 25% from This report was administered online by Global Surveyz Research, a global research firm. The respondents were recruited through aglobal B2B research panel, invited via email to complete the survey, with all responses collected during October 2024. The average Key Findings Manual execution of crucial IGA tasks is the norm–fewer than 6% of companies have full automation in place84% of organizations rely heavily or entirely on manual processes for performing activities such as user access reviews andprovisioning. 283% say difficulty integrating with IGA systems is the primary cause of manual IGA processesThe cost and difficulty of application integration with legacy IGA solutions is very high. As a result, only 11% of identity leaders thathave deployed an IGA solution have managed to integrate 50% or more of their applications. 3Identity leaders say the effort required to satisfy auditors is high, 39% struggle to keep up,and it’s getting harder 99% of companies complete user access reviews to satisfy compliance regulations, and 55% have 5 or more regulations for whichthey are required to perform reviews. 91% report an increased scope for this task over the past three years, and 84% are expecting the Excessive permissions are a growing risk, with 10%+ of entitlements being excessive at over half of all organizations Orphaned or excessive permissi