sb-as logo
Story image

Facebook & Amazon have better authentication methods than enterprises, say IT pros

08 Mar 2018

Facebook and Amazon may have better authentication methods than the average enterprise and some IT managers are shunning the idea of enterprise-grade security.

Those are the results from Gemalto’s 2018 Identity and Access Management Index, which found that 64% of 1000 IT decision makers worldwide admit that their teams might end up using consumer-grade solutions for cloud access.

54% believe their current authentication methods at their organisation are worse than those offered by Facebook and Amazon.

The problem stems from the growing number of cloud applications in use within the enterprise, an increase in the number of remote workers and pressure to make authentication stronger – all while ensuring ease of use.

To do that, IT professionals are eager to ‘consumerise’ the login process. 70% believe that authentication methods used in the consumer space can be used within the enterprise.

“These findings clearly show that IT managers are struggling to balance the need for a simple and easy login experience with security,” comments Gemalto’s SVP for identity and access management, Francois Lasnier.

92% of IT leaders are concerned about employees who use personal credentials for work and 61% don’t use two-factor authentication for network access.

While cloud access requirements are not going to decline any time soon, new approaches might be able to solve some of IAM’s major problems. 94% believe cloud access management is integral to adopting cloud applications.

Respondents say the cost of inefficient cloud access management can result in security issues (52%), less efficient use of IT staff time (39%) and increased IT costs and overheads (38%).

62% believe cloud access management tools can simplify the user login process and 72% say the desire to use such solutions comes from the opportunity to reduce the threats from large-scale breaches.

“While there is a need to make things easier for employees, there is a fine line to be walked. IT and business line managers would do best to figure out the risks and sensitivities associated with the various applications used in their organisations and then use access management policies to manage risk and apply the appropriate authentication method. In this way, they can ensure a convenient login experience for their users, while still maintaining access security,” Lasnier explains.

Cloud and secure access will continue to be a critical part of organisations, particularly as the remote

“The rapid increase of cloud apps has brought organisations lots of benefits, but also caused a high degree of fragmentation in their ability to manage access security across numerous cloud and on-premises applications,” continues Lasnier.

“Without effective access management tools in place, this is liable to lead to higher risk of breach, a lack of visibility into access events, regulatory oversite - and hamper organisations’ ability to scale in the cloud.”

Bringing the message closer to home: Australian findings show:

  • Half of Australian respondents identify web portals as the biggest target for cyber-attacks, 49% of Australians think organisations have poor visibility over their applications in the cloud and that this is putting them at risk of being a target for cyber-attacks.
  • 25% of Australians said mobility is viewed as a luxury for users, compared to just 17% globally and only 4% of Belgians, as an obstacle to mobility
  • 47% say security concerns are the main obstacles to increased user mobility in their organisations
  • 40% of Australians reported cost as a main obstacle to increased user mobility in their organisation, compared with 31% global average
  • 46% think the impact/potential outcome of ineffective cloud access management is larger scale breaches due to a lack of visibility over cloud, compared to just 37% globally.
  • 89% of Australians are concerned about employees at their organisation reusing personal credentials for work purposes
  • 29% of Australian employees use their own personal account when using social media for work purposes
Story image
LogRhythm buys out MistNet to bolster analytics capabilities
LogRhythm says its aim is to bring stronger levels of machine learning-based detection and response.More
Story image
Cybercriminals leverage AI to sustain attacks on enterprises
What is less discussed is how cybercriminals are taking advantage of those very same technologies to automate their attacks, too.More
Story image
Hornetsecurity acquires Altaro, the latest in acquisition spree
The move is a culmination of a medley of acquisitions made by Hornetsecurity recently, following the January 2019 acquisition of Spamina, a Spanish cloud email security company, as well as EveryCloud, its British market partner, in early 2020.More
Story image
Online gaming a 'hotbed' for DDoS attacks — report
The latency and availability issues present in online gaming, in particular, presented an attractive target to attackers, in addition to the enduring popularity of gaming in the era of COVID-19.More
Story image
Palo Alto Networks advances attack surface management with Expanse
"By integrating Expanse's attack surface management capabilities into Cortex after closing, we will be able to offer the first solution that combines the outside view of an organisation's attack surface with an inside view to proactively address all security threats."More
Story image
IronNet expands Asia Pacific presence with new strategic partnership
“The combination of M.Tech’s extensive network in Asia Pacific and our unparalleled expertise in threat intelligence and detection will help more enterprises across the region to proactively identify and take down known and unknown threats before they happen.”More