Story image

1 in 4 organisations relying solely on passwords to secure BYOD

07 Nov 2017

Bitglass has released the findings from its newest research, ‘BYOD and Identity’, which are alarming to say the least.

The data was taken from more than 200 IT and security professionals that were surveyed at the recent Gartner Symposium/ITxpo conference.

One in four organisations don’t have multi-factor authentication (MFA) methods in place to secure bring your own devices (BYOD) – they simply rely on the vulnerable password.

Despite being a well-known enterprise security gap, BYOD are the bane of almost all IT operators today with the constant drive for flexibility and mobility often overtaking the need for security.

CEO of Bitglass, Rich Campagna says simply using passwords (i.e. single-factor authentication) to control user access to corporate data, has resulted in several high-profile data breaches in recent months, including Zomato, Deloitte and Microsoft.

“Enterprises often misjudge the effectiveness of traditional security solutions, many of which are readily bypassed,” says Campagna.

“The BYOD boom exposes organisations to risks that can only be mitigated with data-centric solutions that secure access.”

The report also delved into the top cloud security priorities for organisations, with BYOD security and access taking the top honours. External sharing came out with 45 percent, malware protection on 40 percent, and unmanaged BYO device access on 40 percent.

Bitglass says in order for organisations to meet these needs, new security solutions need to be adopted.

One encouraging statistic was that three quarters of respondents already have encryption and on-premise firewalls in place to protect corporate data, with more starting to deploy Secure Web Gateways and cloud access security brokers.

And in terms of new technologies, many organisations still have concerns with the latest authentication methods.

A whopping 61 percent of the respondents have reservations about Apple’s Face ID technology as a viable method of BYOD authentication.

It would seem traditional authentication methods like passcodes, PIN codes, and fingerprint recognition are familiar and trusted by enterprises, while facial recognition technologies remain unproven.

Highlights of the survey include:

  • 28 percent of respondents have no multi-factor authentication methods in place for BYOD access
  • For those using MFA for BYOD, third party applications (42 percent) and SMS tokens (34 percent) are the most popular methods used 
  • External sharing is rated the leading cloud security concern for professionals surveyed (45 percent)
  • Also listed as top security concerns are malware protection (40 percent) and unmanaged device access (40 percent)
  • 61 percent of respondents have reservations about Apple’s Face ID technology
  • Top Apple Face ID concerns include accuracy of face detection (40 percent), prevention of unauthorised access (30 percent) and speed of face detection (24 percent)
Mozilla launches Firefox Send, an encrypted file transfer service
Mozille Firefox has launched a free encrypted file transfer service that allows people to securely share files from any web browser – not just Firefox.
Online attackers abusing Kiwis' generosity in wake of Chch tragedy
It doesn’t take some people long to abuse people’s kindness and generosity in a time of mourning.
Ransomware’s decline equals cryptomining’s rise
ESET’s Security Days Conference recently took place to go over the current threat environment and what to look out for next.
IoT and DDoS attacks: A match made in heaven
A10 Network’s Adrian Taylor uses findings from a number of reports to illustrate his point that advances in technology are facilitating cybercrime.
ForgeRock launches Sandbox-as-a-Service to facilitate compliance
The cloud-based testing environment for APIs enables banks to accelerate compliance with Open Banking and PSD2 deadlines.
Cloud application attacks in Q1 up by 65% - Proofpoint
Proofpoint found that the education sector was the most targeted of both brute-force and sophisticated phishing attempts.
Singapore firm to launch borderless open data sharing platform
Singapore-based Ocean Protocol, a decentralised data exchange that promotes data sharing, has revealed details of what could be the kickstart to a global and borderless data economy.
Huawei picks up accolades for software-defined camera ecosystem
"The company's software defined capabilities enable it to future-proof its camera ecosystem and greatly lower the total cost of ownership (TCO), as its single camera system is applicable to a variety of application use cases."