Trusted employees have always posed a threat to business. Not long ago the theft of intellectual property meant simply walking out of a factory with a proprietary part or blueprint.\nToday, the insider threat is much more insidious, and it\u2019s on the rise. According to the Insider Threat Spotlight Report, 74% of organizations feel vulnerable to insider threats, and 56% of security professionals say insider threats have become more frequent in prior 12 months.\nWhat\u2019s causing this new dynamic? Here are three trends that are driving the increased risk of insider threat.\nIncreasing IT Complexity\nGone are the days when employees used a single desktop physically connected to the network. Employees\u2019 computing habits have changed, and while these habits typically increase employee productivity and job satisfaction, they also increase IT complexity.\nIt\u2019s not unusual for a single employee to connect to the corporate network with two or three different devices during the course of the day. Some of these, like a corporate-issued laptop, may be managed by IT, but others, like a personally owned smart phone or tablet, are not. If a device is lost or stolen, so is everything on it, including corporate data. This has increased the complexity of managing not just who accesses the network\u2014but how.\nSoftware-as-a-Service (SaaS) solutions have also changed the way employees consume IT services. SaaS offerings are designed to address a variety of business needs, from file sharing and collaboration to project management and specific functional needs. Oftentimes, SaaS applications are free or low-cost, at least to get started. Departments, or the line of business, can easily test a dozen SaaS solutions, which is faster and more convenient than putting in a requisition with the IT organization.\nBut this also means that cloud applications can be adopted without IT oversight. If that happens, IT doesn\u2019t have the mechanisms in place to enforce strong credentials, if they even know that the applications exist. When employees abandon one of these applications, corporate data can remain on an unknown server in an unknown data center.\nMeanwhile, IT infrastructure continues to grow and evolve, both on premises in the corporate data center and in the cloud. Instead of simplifying the IT environment, technologies such as virtualization and cloud services add layers of complexity.\nThese technologies also expand access to include capabilities and rights that certain functional positions haven\u2019t had before \u2013 and that they don\u2019t need. For example, administrator access to big data implementations often provides access to much more than the specific actions and commands needed to perform their job.\nAs the IT infrastructure becomes increasingly diverse, heterogeneous, and siloed, identities proliferate, and IT organizations may struggle to maintain centralized oversight.\nBlind Spots in Identity Infrastructures \nTaking a disparate approach to managing these identities, either in silos or on local servers, not only creates additional overhead, but introduces blind spots where IT lacks visibility into specific accounts. Without visibility, it is difficult to identify and remediate potential security threats\u2014such as determining whether an employee is abusing their access privileges.\nBlind spots also impact the organization\u2019s ability to pass regulatory and policy compliance audits. For example, a common identity challenge for many organizations is the lack of visibility into local administrator accounts on Windows machines. This is a common cause of failed audits because there\u2019s no way to tell who has done what. Audit failures also occur because of inconsistent or nonexistent password policies.\nA centralized identity management platform can provide the visibility that IT organizations need to oversee identities across the entire organization. This type of platform can also help IT prove that the users who access servers and applications are indeed who they say they are, and provide an auditable trail of each user\u2019s activities.\nFreelancers and Contractors\nThe concept of the trusted insider now extends beyond full- and part-time employees. The need to run lean and mean has many organizations hiring freelancers, contractors, and service providers to help with everyday tasks. Departments also outsource work in order to access specialized skillsets. A small startup, for example, might outsource its blog to a content marketing firm, or a development organization might hire a cloud application development firm to migrate its apps to the cloud.\nIn all of these scenarios, third parties have access to valuable systems and data. Those identities must be managed to prevent privilege escalation, and to ensure that credentials are revoked if an employee at the third party company leaves. The employees at the third party itself pose a risk, but there is also the risk that a contractor\u2019s user credentials will be compromised and used to gain unauthorized access.\nThe Bottom Line \nThe insider threat isn\u2019t going away \u2013 in fact, it continues to grow and evolve. With an increasing number of applications and systems, and users accessing those systems, IT organizations need to implement a simple and standard approach to managing identity-related risks associated with insiders of all types.\nA unified identity management platform can help IT better manage the insider threat today and securely support next-generation IT and business initiatives. Furthermore, IT can continue to leverage its existing identity infrastructure to protect current investments and lower total cost of ownership while reducing management overhead.\nTo learn more about how to fully secure your identities, download the Centrify white paper, "Platform Approach to Securing Enterprise Identities."