The increasing number of workspace environments is proving a test for businesses with security, but how can cloud encourage more methods to be adopted?
The increase of cloud applications and number of Internet of Things (IoT) devices has led enterprises to re-evaluate their current security methods, putting more updated measures in place.
New research findings from Gemalto have found that UK businesses are still failing to adopt security solutions, despite the growing concern of protection and options available.
One of the highest findings revealed a staggering 92% of IT leaders raised concerns about employees reusing personal credentials for work, leaving systems easier to hack into. To overcome this 70% of businesses believe that consumer authentication could be applied in the workplace.
However despite concerns the research found a worrying 61% of businesses admitted they have still failed to implement two-factor authentication to access networks. One of the concerning findings is that of the 39% of staff in organisations using the authentication method, only 33% are required to.
A reason just over half (52%) of businesses admitted to failing to implement the technology, was due to not thinking authentication methods implemented for business were as effective as those found on sites such as Amazon and Facebook.
“These findings clearly show that IT managers are struggling to balance the need for a simple and easy login experience with security,” said Francois Lasnier, SVP Identity and Access Management at Gemalto.
“While there is a need to make things easier for employees, there is a fine line to be walked. IT and business line managers would do best to figure out the risks and sensitivities associated with the various applications used in their organisations and then use access management policies to manage risk and apply the appropriate authentication method. In this way, they can ensure a convenient login experience for their users, while still maintaining access security.”
Gemalto’s research did reveal that 62% businesses believe adopting better cloud access management tools will help simplify the login process for users. Additionally, almost three quarters (72%) said a consideration for implementing such tools was the desire to reduce the threat of large breaches.
“The rapid increase of cloud apps has brought organisations lots of benefits, but also caused a high degree of fragmentation in their ability to manage access security across numerous cloud and on-premises applications,” continued Lasnier. Without effective access management tools in place, this is liable to lead to higher risk of breach, a lack of visibility into access events, regulatory oversite – and hamper organisations’ ability to scale in the cloud.”
Cloud clearly has a large influence on businesses as 90% of respondents believe poor cloud access management will lead to issues for the company. Just over half (52%) believe it will cause security issues, 39% believe workers time will be used less efficiently and 38% believe costs will increase.
The use of cloud has encouraged better security measures to be put in place, due to more employees working remotely using the cloud. In order to access cloud applications, 94% believe cloud access management is key to achieving the applications. Therefore, it is crucial to ensure effective practice is put in place to secure access.
“It’s clear that UK businesses want to make it more convenient for employees to access corporate resources, but many are simply failing to implement the necessary security solutions to keep themselves safe from malicious hackers,” Joe Pindar, Director of Product Strategy, Gemalto said. “This is emphasised by the slow adoption of protection such as two factor authentication – although adoption is increasing and the majority plan to introduce this within the next two years, talk is cheap and not enough is being done quickly enough.”
In the future 76% of businesses said they plan to increase the use of two-factor authentication with two years, proactively deploying it rather than only when ‘necessary’.
Pindar said: “With GDPR just a handful of months away, organisations need to move faster. IT and business leaders in the UK must quickly identify the risks associated with any applications used in their organisation, and secure their most sensitive data.