Gemalto, the world leader in digital security, has released the findings of its Authentication and Identity Management Index, which revealed that 90% of enterprise IT professionals are concerned that employee reuse of personal credentials for work purposes could compromise security.
However, with two thirds (68%) saying they would be comfortable allowing employees to use their social media credentials on company resources, Gemalto’s research suggests that personal applications (such as email) are the biggest worry to organizations.
Convergence of Personal and Workplace Identities
The enterprise and consumer worlds are merging closer together, with enterprise security teams under increasing pressure to implement the same type of authentication methods typically seen in consumer services, such as fingerprint scanning and iris recognition.
Six in ten (62%) believed this was the case, with a similar amount (63%) revealing they feel security methods designed for consumers provide sufficient protection for enterprises.
In fact, over half of respondents (52%) believe it will be just three years before these methods merge completely.
(SafeNet Authentication Service (SAS) changes the way you manage authentication by automating virtually every aspect of user and token management, allowing companies to reduce authentication management costs by up to 60 percent and free up IT administrators. Courtesy of Gemalto and YouTube)
Consumer breaches impacting enterprise security
Identity theft accounts for 64% of all data breaches across the globe, and consumer service breaches continue to rise, resulting in almost nine in ten (89%) enterprises addressing their access management security policies.
Half of enterprises have implemented extra training (49%) to allay their security concerns, 47% increased security spend, and 44% allocated further resources.
Employee expectations around usability and mobility are affecting how enterprises approach authentication and access management. Nearly half of respondents stated that they are increasing resources and spending on access management.
Deployment rates are also increasing: 62% expect to implement strong authentication in two years’ time – up from 51% of respondents who said the same thing last year, and nearly 40% responded they will implement Cloud SSO or IDaaS within the next two years.
Enterprises are clearly seeing the benefits, with over nine in ten (94%) using two-factor authentication to protect at least one application and nearly all respondents (96%) expecting to use it at some point in the future.
(Gemalto’s SafeNet Bluetooth Smart solution combines the unparalleled security of PKI with the anywhere, anytime convenience of mobile. Using either a Bluetooth Smart-enabled wearable badge holder or USB token, users can authenticate, digitally sign documents, and encrypt messages on multiple devices, using their existing PKI credentials. Courtesy of Gemalto and YouTube)
Mobility security still a challenge
As more enterprises become mobile, the challenges in protecting resources while increasing flexibility for employees working on the move increases.
Despite an increasing amount of businesses enabling mobile working, a third (35%) completely restricted employees from accessing company resources via mobile devices and nine in ten (91%) are at least part-restricting access to resources.
This is backed up as half of businesses (50%) admit security is one of their biggest concerns to increasing user mobility.
In order to protect themselves against threats from increased mobility, enterprises are still most likely to be using usernames and passwords – two thirds of users at respondents’ organizations are using this authentication method, on average.
Currently, 37% of users at respondents’ organizations are required to use two-factor authentication to access corporate resources from mobile devices, on average. However, like the rise for access while in the office, on average, respondents believe this will increase to over half (56%) in two years’ time.
“From credential sharing to authentication practices, it’s clear that consumer trends are having a big impact on enterprise security,” said François Lasnier, Senior Vice President, Identity Protection at Gemalto.
“But businesses need to make sure their data isn’t compromised by bad personal habits.
It’s encouraging to see deployment of two-factor authentication methods on the rise, and increased awareness for cloud access management, as these are the most effective solutions for businesses to secure cloud resources and protect against internal and external threats.
For IT leaders, it’s important that they keep pushing for security to be a priority at the board level, and ensure that it’s front of mind for everyone in an organization.”
Gemalto is the global leader in digital security, with 2015 annual revenues of €3.1 billion and customers in over 180 countries. We bring trust to an increasingly connected world.
Our technologies and services enable businesses and governments to authenticate identities and protect data so they stay safe and enable services in personal devices, connected objects, the cloud and in between.
Gemalto’s solutions are at the heart of modern life, from payment to enterprise security and the internet of things. We authenticate people, transactions and objects, encrypt data and create value for software – enabling our clients to deliver secure digital services for billions of individuals and things.