Click here to close now.

Welcome!

IoT User Interface Authors: Sematext Blog, Liz McMillan, Elizabeth White, AppDynamics Blog, Lori MacVittie

Blog Feed Post

More enterprises plan to strengthen access security with multi-factor authentication

SafeNet Global Authentication Survey reveals more enterprises to adopt cloud-based authentication and mobile MFA to accommodate an increasingly mobile workforce

CAMBERLEY - May 21, 2014 - Rising security risks, and demand for seamless and secure access across any device, anytime, has triggered greater adoption of authentication solutions, according to new research from SafeNet, Inc., a global leader in data protection. The 2014 Global Annual Authentication Survey found that over one-third of organisations now use multi-factor authentication to provide seamless and secure access across a multitude of devices and locations - an increase from 2013.

The survey results illustrate that more businesses are adopting multi-factor authentication and distributing it across the wider workforce. The findings support a recent 451 Research report[1] which reveals that access control and authentication are the top 'pain points' and priorities for IT departments. With 57 per cent of all data breaches in 2013 the result of malicious outsiders[2], multi-factor authentication reduces the risk of unauthorised users accessing sensitive information, while still ensuring staff can access corporate resources when and how they need them.

Key Findings

  • Clear growth in multi-factor authentication (MFA) adoption:
    • 37 per cent of organisations now use MFA for a majority of employees - up from 30 per cent last year
    • By 2016, 56 per cent of organisations expect the majority of users to rely on multi-factor authentication.
  • Cloud authentication gaining acceptance:
    • 33 per cent of organisations indicated they preferred cloud-based authentication, up from 21 per cent last year - a 50 per cent increase
    • 33 per cent are now open to the cloud for authentication implementations
  • MFA for mobile devices:
    • More than 53 per cent of respondents said users of mobile devices have restricted access to corporate resources.
    • Those using MFA for mobile users, (22 per cent currently) expect usage to grow to 33 per cent by 2016 - an increase of 30 per cent

"It's clear that some IT departments are struggling to keep up with the rapid pace of change caused by new technologies. The danger is that companies are unable to offer staff the full system access they require to perform their job because they don't have the secure authentication in place to allow access. Then there's the fact that almost every other week we hear about a new enterprise being hacked and data potentially leaked. So there is a perpetual battle to keep up with fast-paced advances in technology, and attempts to protect the company and curb security risks," stated Jason Hart, Vice President of Cloud Solutions at SafeNet.

Cost and Budget Priority
The 451 Research report revealed that authentication and identity access management are a top priority for security projects. Yet, interestingly, in the SafeNet Authentication Survey, almost 40 per cent did not know how much their authentication solution costs per user per year, illustrating the lack of awareness over what is most cost-effective for the organisation. The perception that, by not spending extra on multi-factor authentication, the organisation is cost saving could be misleading to those in charge of IT budgeting. In fact, a multi-factor authentication solution aims to reduce authentication costs and improve ease of use.

Cloud vs. On-Premises-based Authentication
The growing demand from employees to connect to the corporate network with their own device has been met with a rise in cloud-based authentication from organisations. This year, 33 per cent of companies indicated that they preferred cloud-based authentication, up from 20 per cent last year.

"Ultimately, enterprises must accept that their staff will find ways to use mobile devices to access corporate data - with or without permission. Instead of preventing access, IT decision-makers need to deploy multi-factor authentication, which can offer the protection of corporate resources, while allowing staff access and maintaining productivity and performance," Hart added.

Authentication from Mobile Devices
When it comes to using strong authentication for mobile devices with access to corporate resources, the majority of responses were grouped at either end of the scale, showing polarised practices. Almost 40 per cent said less than 10 per cent of users are required to use strong authentication, while over 20 per cent suggest that 90-100 per cent of users currently require it. Interestingly, these figures are set to shift significantly, with 33 per cent expecting that 90-100 per cent of users will require strong authentication in the next two years, and only 15 per cent suggest less than 10 per cent, emphasising the growing importance of mobile authentication.

The drive towards mobile authentication is also fuelling a move from hardware- to software-based authentication tokens. The survey revealed that the use of software-based authentication rose from 27 per cent in 2013 to 40 per cent in 2014, with the expectation that this will rise again to 50 per cent in 2016. Conversely, the use of hardware-based authentication dropped from 60 per cent in 2013 to 41 per cent in 2014.

"IT companies are certainly responding to the rise in mobility with increased software-based authentication; however, there appears to be a 'disconnect' between the desire to embrace mobility, and the struggle to keep up with it and protect resources and data from external threats. Furthermore, as adoption of cloud computing grows, better security becomes crucial. Indeed, the cloud offers various benefits for authentication and applications, but without the security to support them, it only increases the threat." Hart concluded.

[1] The enterprise information security organisation in 2014, 451 Research; https://451research.com/report-short?entityId=80256
[2] Breach Level Index Annual Recap, SafeNet: http://breachlevelindex.com/pdf/Breach-Level-Index-Report.pdf

-ENDS-

About the Survey
The research from SafeNet polled more than 350 senior IT decision-makers from around the world—about 29 per cent from the Asia Pacific region; 42 per cent from Europe, Middle East and Africa; and 29 per cent from North America. The report compares data with a corresponding report from 2013. The full report can be found here: http://www.safenet-inc.com/resources/Other/Data_Protection/2014_Authentication_Survey_-_Executive_Summary/

About SafeNet Data Protection Solutions
SafeNet data protection solutions provide multi-layer encryption with centralised key management and storage. SafeNet delivers the comprehensive encryption platforms that enable security professionals to safeguard sensitive data in data centres, virtualised data centres, and private and public clouds.

SafeNet enables customers to encrypt sensitive data at the storage, file, virtual instance, database, and application layer, while managing encryption security policies and encryption keys centrally. In addition, SafeNet supports format-preserving tokenisation for a wide variety of data types. Through this multi-layer approach, SafeNet enables organisations to:

  • Separate administration of systems and applications from the data stored or processed within these infrastructure layers, ensuring privileged users can't see sensitive data.
  • Take advantage of lower cost operational models while consistently enforcing security policies.
  • Centralise encryption management across physical, virtual, and public cloud environments, and efficiently deliver detailed logs and compliance reporting for internal and external auditors.
  • Employ key vaulting and secure cryptographic resources, both in data centre and multi-tenant environments, in order to retain full ownership and control of their encryption service.

With these capabilities, organisations can institute a defense-in-depth strategy that delivers high levels of security for sensitive data, regardless of where it resides—even if there has been a breach of other controls.

SafeNet Authentication Service
SafeNet Authentication Service is a cloud-based authentication solution that allows service providers and enterprises to rapidly introduce authentication-as-a-service to their customers. It also allows them to significantly reduce the cost and complexity associated with offering and implementing strong authentication, and to strengthen their security and compliance posture. This process is simplified through the flexibility and scalability of automated workflows, vendor-agnostic token integrations, and broad APIs. In addition, management capabilities and processes are fully automated and customisable—providing a seamless and enhanced user experience. With no infrastructure required, SafeNet Authentication Service enables a quick migration to a multi-tier and multi-tenant cloud environment, and protects everything from cloud-based and on-premises applications to networks, users, and devices.

About SafeNet, Inc.
Founded in 1983, SafeNet, Inc. is one of the largest information security companies in the world, and is trusted to protect the most sensitive data for market-leading organisations around the globe. SafeNet's data-centric approach focuses on the protection of high-value information throughout its lifecycle, from the data centre to the cloud. More than 25,000 customers across commercial enterprises and government agencies trust SafeNet to protect and control access to sensitive data, manage risk, ensure compliance, and secure virtual and cloud environments. Learn more about SafeNet on Twitter, LinkedIn, Facebook, YouTube, and Google+.

Source: RealWire

Read the original blog entry...

More Stories By RealWire News Distribution

RealWire is a global news release distribution service specialising in the online media. The RealWire approach focuses on delivering relevant content to the receivers of our client's news releases. As we know that it is only through delivering relevance, that influence can ever be achieved.

@CloudExpo Stories
In a world of ever-accelerating business cycles and fast-changing client expectations, the cloud increasingly serves as a growth engine and a path to new business models. Dynamic clouds enable businesses to continuously reinvent themselves, adapting their business processes, their service and software delivery and their operations to achieve speed-to-market and quick response to customer feedback. As the cloud evolves, the industry has multiple competing cloud technologies, offering on-premises ...
SYS-CON Events announced today that SUSE, a pioneer in open source software, will exhibit at SYS-CON's DevOps Summit 2015 New York, which will take place June 9-11, 2015, at the Javits Center in New York City, NY. SUSE provides reliable, interoperable Linux, cloud infrastructure and storage solutions that give enterprises greater control and flexibility. More than 20 years of engineering excellence, exceptional service and an unrivaled partner ecosystem power the products and support that help ...
As the world moves from DevOps to NoOps, application deployment to the cloud ought to become a lot simpler. However, applications have been architected with a much tighter coupling than it needs to be which makes deployment in different environments and migration between them harder. The microservices architecture, which is the basis of many new age distributed systems such as OpenStack, Netflix and so on is at the heart of CloudFoundry – a complete developer-oriented Platform as a Service (PaaS...
T-Mobile has been transforming the wireless industry with its “Uncarrier” initiatives. Today as T-Mobile’s IT organization works to transform itself in a like manner, technical foundations built over the last couple of years are now key to their drive for more Agile delivery practices. In his session at DevOps Summit, Martin Krienke, Sr Development Manager at T-Mobile, will discuss where they started their Continuous Delivery journey, where they are today, and where they are going in an effort ...
SAP is delivering break-through innovation combined with fantastic user experience powered by the market-leading in-memory technology, SAP HANA. In his General Session at 15th Cloud Expo, Thorsten Leiduck, VP ISVs & Digital Commerce, SAP, discussed how SAP and partners provide cloud and hybrid cloud solutions as well as real-time Big Data offerings that help companies of all sizes and industries run better. SAP launched an application challenge to award the most innovative SAP HANA and SAP HANA...
There is no question that the cloud is where businesses want to host data. Until recently hypervisor virtualization was the most widely used method in cloud computing. Recently virtual containers have been gaining in popularity, and for good reason. In the debate between virtual machines and containers, the latter have been seen as the new kid on the block – and like other emerging technology have had some initial shortcomings. However, the container space has evolved drastically since coming on...
P2P RTC will impact the landscape of communications, shifting from traditional telephony style communications models to OTT (Over-The-Top) cloud assisted & PaaS (Platform as a Service) communication services. The P2P shift will impact many areas of our lives, from mobile communication, human interactive web services, RTC and telephony infrastructure, user federation, security and privacy implications, business costs, and scalability. In his session at @ThingsExpo, Robin Raymond, Chief Architect...
The widespread success of cloud computing is driving the DevOps revolution in enterprise IT. Now as never before, development teams must communicate and collaborate in a dynamic, 24/7/365 environment. There is no time to wait for long development cycles that produce software that is obsolete at launch. DevOps may be disruptive, but it is essential. The DevOps Summit at Cloud Expo – to be held June 3-5, 2015, at the Javits Center in New York City – will expand the DevOps community, enable a wide...
The web app is Agile. The REST API is Agile. The testing and planning are Agile. But alas, Data infrastructures certainly are not. Once an application matures, changing the shape or indexing scheme of data often forces at best a top down planning exercise and at worst includes schema changes which force downtime. The time has come for a new approach that fundamentally advances the agility of distributed data infrastructures. Come learn about a new solution to the problems faced by software orga...
Cloud Expo, Inc. has announced today that Andi Mann returns to DevOps Summit 2015 as Conference Chair. The 4th International DevOps Summit will take place on June 9-11, 2015, at the Javits Center in New York City. "DevOps is set to be one of the most profound disruptions to hit IT in decades," said Andi Mann. "It is a natural extension of cloud computing, and I have seen both firsthand and in independent research the fantastic results DevOps delivers. So I am excited to help the great team at ...
Explosive growth in connected devices. Enormous amounts of data for collection and analysis. Critical use of data for split-second decision making and actionable information. All three are factors in making the Internet of Things a reality. Yet, any one factor would have an IT organization pondering its infrastructure strategy. How should your organization enhance its IT framework to enable an Internet of Things implementation? In his session at Internet of @ThingsExpo, James Kirkland, Chief Ar...
Container technology is sending shock waves through the world of cloud computing. Heralded as the 'next big thing,' containers provide software owners a consistent way to package their software and dependencies while infrastructure operators benefit from a standard way to deploy and run them. Containers present new challenges for tracking usage due to their dynamic nature. They can also be deployed to bare metal, virtual machines and various cloud platforms. How do software owners track the usag...
CA Technologies has announced it has signed a definitive agreement to acquire Rally Software Development Corp. for $19.50 per share, which equates to approximately $480 million, net of cash acquired. The transaction has been unanimously approved by both Boards of Directors, and is expected to close in the second quarter of CA’s fiscal 2016. Based in Boulder, CO, Rally has approximately 500 employees across four continents and FY 2015 sales of $88 million. “Software applications are changing the...
The security devil is always in the details of the attack: the ones you've endured, the ones you prepare yourself to fend off, and the ones that, you fear, will catch you completely unaware and defenseless. The Internet of Things (IoT) is nothing if not an endless proliferation of details. It's the vision of a world in which continuous Internet connectivity and addressability is embedded into a growing range of human artifacts, into the natural world, and even into our smartphones, appliances, a...
Enterprises are fast realizing the importance of integrating SaaS/Cloud applications, API and on-premises data and processes, to unleash hidden value. This webinar explores how managers can use a Microservice-centric approach to aggressively tackle the unexpected new integration challenges posed by proliferation of cloud, mobile, social and big data projects. Industry analyst and SOA expert Jason Bloomberg will strip away the hype from microservices, and clearly identify their advantages and d...
The OpenStack cloud operating system includes Trove, a database abstraction layer. Rather than applications connecting directly to a specific type of database, they connect to Trove, which in turn connects to one or more specific databases. One target database is Postgres Plus Cloud Database, which includes its own RESTful API. Trove was originally developed around MySQL, whose interfaces are significantly less complicated than those of the Postgres cloud database. In his session at 16th Cloud...
All major researchers estimate there will be tens of billions devices - computers, smartphones, tablets, and sensors - connected to the Internet by 2020. This number will continue to grow at a rapid pace for the next several decades. With major technology companies and startups seriously embracing IoT strategies, now is the perfect time to attend @ThingsExpo, June 9-11, 2015, at the Javits Center in New York City. Learn what is going on, contribute to the discussions, and ensure that your enter...
What do a firewall and a fortress have in common? They are no longer strong enough to protect the valuables housed inside. Like the walls of an old fortress, the cracks in the firewall are allowing the bad guys to slip in - unannounced and unnoticed. By the time these thieves get in, the damage is already done and the network is already compromised. Intellectual property is easily slipped out the back door leaving no trace of forced entry. If we want to reign in on these cybercriminals, it's hig...
The 4th International Internet of @ThingsExpo, co-located with the 17th International Cloud Expo - to be held November 3-5, 2015, at the Santa Clara Convention Center in Santa Clara, CA - announces that its Call for Papers is open. The Internet of Things (IoT) is the biggest idea since the creation of the Worldwide Web more than 20 years ago.
SYS-CON Events announced today that MetraTech, now part of Ericsson, has been named “Silver Sponsor” of SYS-CON's 16th International Cloud Expo®, which will take place on June 9–11, 2015, at the Javits Center in New York, NY. Ericsson is the driving force behind the Networked Society- a world leader in communications infrastructure, software and services. Some 40% of the world’s mobile traffic runs through networks Ericsson has supplied, serving more than 2.5 billion subscribers.