Almost 30% of all organizations in Europe and the Middle East continue to rely on passwords as their exclusive authentication method, despite the dangers posed by using such a strategy, according to a recent survey.
Security teams struggle with one big problem -- balancing security and convenience. While it might seem common sense to implement draconian security measures, it’s not always the answer, especially in companies with many employees. According to the survey, 67% of European IT leaders try to offer the best possible security for the least amount of hassle, which, of course, is a problem in itself.
On top of that, the COVID-19 pandemic forced many companies and organizations to move employees home, which in turn presented a new challenge to security teams. Leaving the protective umbrella of the corporate network, people find themselves using static passwords and old security measures that no longer stack up.
The Thales survey looked at the security practices of organizations in Europe and the Middle East and found that 29% believed that usernames and passwords are adequate protection.
On the other hand, 57% of companies in these regions consider that the most significant threats come from unprotected infrastructure such as IoT devices, followed by cloud apps (55%) and web portals (43%).
The good news is that fewer companies remain overly reliant on user names and passwords, and the trend started to shift in the past 12 months. In fact, 94% of organizations have changed their security policies around access management.
“As more and more businesses move to adopt cloud-based services for CRM, email, employee collaboration, and IT infrastructure as part of their digital transformation strategies, the struggle to extend old solutions, designed to protect internal resources, to the outside world becomes very problematic,” said Francois Lasnier, Vice President for Access Management solutions at Thales.
“Often, in an effort to adapt to the new working habits of users connecting from anywhere, which is increasingly pertinent right now and will become standard moving forward, businesses tend to revert back to old password-based logins for cloud services in despair. This is knowingly increasing their security exposure to credential stuffing and phishing attacks.”
The future of security is biometric authentication, and 75% of companies are already investing in this technology. The smart SSO (Single Sign-On) technology is seeing even better acceptance, with 81% of the companies looking to adopt it.
The survey covered 400 executives in seven countries in Europe and the Middle East connected to IT and data security.