Story image

1 in 4 organisations relying solely on passwords to secure BYOD

07 Nov 17

Bitglass has released the findings from its newest research, ‘BYOD and Identity’, which are alarming to say the least.

The data was taken from more than 200 IT and security professionals that were surveyed at the recent Gartner Symposium/ITxpo conference.

One in four organisations don’t have multi-factor authentication (MFA) methods in place to secure bring your own devices (BYOD) – they simply rely on the vulnerable password.

Despite being a well-known enterprise security gap, BYOD are the bane of almost all IT operators today with the constant drive for flexibility and mobility often overtaking the need for security.

CEO of Bitglass, Rich Campagna says simply using passwords (i.e. single-factor authentication) to control user access to corporate data, has resulted in several high-profile data breaches in recent months, including Zomato, Deloitte and Microsoft.

“Enterprises often misjudge the effectiveness of traditional security solutions, many of which are readily bypassed,” says Campagna.

“The BYOD boom exposes organisations to risks that can only be mitigated with data-centric solutions that secure access.”

The report also delved into the top cloud security priorities for organisations, with BYOD security and access taking the top honours. External sharing came out with 45 percent, malware protection on 40 percent, and unmanaged BYO device access on 40 percent.

Bitglass says in order for organisations to meet these needs, new security solutions need to be adopted.

One encouraging statistic was that three quarters of respondents already have encryption and on-premise firewalls in place to protect corporate data, with more starting to deploy Secure Web Gateways and cloud access security brokers.

And in terms of new technologies, many organisations still have concerns with the latest authentication methods.

A whopping 61 percent of the respondents have reservations about Apple’s Face ID technology as a viable method of BYOD authentication.

It would seem traditional authentication methods like passcodes, PIN codes, and fingerprint recognition are familiar and trusted by enterprises, while facial recognition technologies remain unproven.

Highlights of the survey include:

  • 28 percent of respondents have no multi-factor authentication methods in place for BYOD access
  • For those using MFA for BYOD, third party applications (42 percent) and SMS tokens (34 percent) are the most popular methods used 
  • External sharing is rated the leading cloud security concern for professionals surveyed (45 percent)
  • Also listed as top security concerns are malware protection (40 percent) and unmanaged device access (40 percent)
  • 61 percent of respondents have reservations about Apple’s Face ID technology
  • Top Apple Face ID concerns include accuracy of face detection (40 percent), prevention of unauthorised access (30 percent) and speed of face detection (24 percent)
What MSPs can learn from Datto’s Channel Ransomware Report
While there have been less high profile attacks making the headlines, the frequency of attacks is, in fact, increasing.
Cisco expands security capabilities of SD­-WAN portfolio
Until now, SD-­WAN solutions have forced IT to choose between application experience or security.
AlgoSec delivers native security management for Azure Firewall
AlgoSec’s new solution will allow a central management capability for Azure Firewall, Microsoft's new cloud-native firewall-as-a-service.
How to configure your firewall for maximum effectiveness
ManageEngine offers some firewall best practices that can help security admins handle the conundrum of speed vs security.
Exclusive: Why Australian enterprises are prime targets for malware attacks
"Only 14% of Australian organisations are continuously training employees to spot cyber attacks."
Exclusive: Why botnets will swarm IoT devices
“What if these nodes were able to make autonomous decisions with minimal supervision, use their collective intelligence to solve problems?”
Bitdefender announces security integration with Kaseya
The new partnership will allow VSA by Kaseya’s cloud and on-premises users to deploy and manage security with Bitdefender Cloud Security for MSPs.
Why you should leverage a next-gen firewall platform
Through full lifecycle-based threat detection and prevention, organisations are able to manage the entire threat lifecycle without adding additional solutions.