The slow rise of two-factor authentication

Cybersecurity insurance CSC Blogs

Despite the potential adverse impact on employee productivity, most IT departments worldwide “still restrict users from accessing sensitive corporate data and resources from mobile devices,” according to a report from Amsterdam-based digital security vendor Gemalto.

The company surveyed 900 IT decision makers around the globe, the vast majority (94%) of whom “are concerned that their organization will be breached or hacked as a result of theft of confidential data or compromise.” (And what’s up with that carefree 6%?)

Some other numbers from the survey:

  • 92% of IT departments restrict mobile users from accessing corporate resources from their devices
  • 98% of organizations have users who require mobile or remote access
  • Respondents reported having, on average, two mobile end points per user within their enterprises

Got 100 employees? Congratulations, you have 200 mobile endpoints to secure! But the IT pros surveyed see a potential solution: 95% of respondents believe “two-factor authentication (2FA) can help their organization comply with data protection regulations and pass security audits,” Gemalto reports.

Yet, for some reason, 2FA adoption lags behind the perception of its importance. Only 38% of users in respondents’ enterprises currently use 2FA. The good news for IT professionals counting on two-factor authentication protecting their enterprises from data breaches is that the percentage of users is expected to reach 51% within two years.

And the good news for enterprise mobile users — most of whom I suspect hate the minor hassle of 2FA — is that IT seems to get it: 94% of respondents said “frictionless authentication methods” are key factors when evaluating vendor solutions.

Does your enterprise require 2FA? And do your mobile employees hate it? More importantly, is it offering the protection your enterprise needs?

Comments

  1. Martin Reilly says:

    Chris,

    I found the numbers above useful and they confirm some of my impressions from the work we are doing with clients in Cyber. I am seeing three clear drivers for the adoption of multi-factor authentication.

    First is the need for stronger authentication by privileged users to reduce the risk and increase accountability of the insider threat. CSC Cyber has deployed hardware tokens for access to system administration accounts and is now starting to deploy soft tokens to smart phones as the old tokens reach end of life.

    Second is the migration of corporate systems into cloud hosted services where the users are no longer on the corporate managed device or corporate network and need extra assurance at authentication from stronger authentication. Our CSC Cyber team has rolled out the MS Azure MFA solution for access to our new Office 365 work space for example. The use of push notification and time based pass codes adds stronger authentication in a convenient form factor.

    The third driver is the adoption of mobile devices and especially bring your own device that demands the extra assurance offered by two factor authentication. This is being addressed by stronger authentication options such as digital certificates as part of a PKI solution, push notifications and one time passwords via SMS and email channels for example.

    We have a number of options such as the Symantec VIP solution and innovative Biometric solutions such as CSC’s own ConfidentID offering that enables consumer login to financial services using a smart phone and a range of biometrics.

    CSC is well equipped to help our customers adopt Multi-Factor Authentication (MFA) during this coming period of rapid adoption.

    Like

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

%d bloggers like this: