Venafi's latest report, The Impact of Machine Identities on the State of Cloud Native Security in 2024, reveals critical security challenges stemming from the proliferation of unmanaged machine identities, according to Enterprise Times.
According to the report, service accounts now constitute over 90% of Active Directory identities; they often use default passwords and lack proper monitoring, which exposes cloud-native environments to significant risk. The report found that 56% of surveyed organizations experienced cloud-native security incidents linked to service accounts, with unauthorized data access, compliance failures, and audit issues being common consequences. Theft of service account tokens compounds the risk further, enabling lateral movement, exploitation of the Kubernetes API, and privilege escalation. Despite these threats, 99% of teams rely on service accounts, with 83% citing complexity as a significant barrier to managing them effectively.
To address these challenges, organizations are adopting tools like SPIFFE and SPIRE to secure workload identities. However, the report stresses that failing to secure machine identities undermines broader security efforts. Other key issues include poor certificate management and deficient secrets management. Venafi researchers call for centralized visibility and automation to monitor and secure machine identities across enterprise networks, and emphasize integrating machine identity security into existing security frameworks.