According to a recent study, there is a wide gap between what IT and security decision makers understand to be highly secure MFA methods and the methods currently implemented within their organizations. As a result, most organizations (63%) plan to increase future investments in MFA for employees over the next five years, with a particular focus on “passwordless” security features (40%).
BIO-key International, a New Jersey-based provider of Identity and Access Management (IAM) and Identity-Bound Biometric (IBB) solutions, announced the findings of a survey of IT decision-makers conducted with Osterman Research. The initiative surveyed more than 290 security and IT professionals across a variety of mid to large organizations to determine the factors influencing their application and investment in multi-factor authentication (MFA) and Zero Trust cybersecurity.
Broad awareness of security threats is proving to be a key driver of Zero Trust adoption. For example, 53% of IT and security decision makers said that they were influenced to adopt more secure solutions by high profile ransomware incidents such as SolarWinds, Colonial Pipeline and JBS. Furthermore, 38% of respondents said the pandemic era digital transformation influenced their adoption of Zero Trust.
While most respondents still rely on password-based authentication for employee security, many have plans to move to passwordless solutions. Companies are using passwordless authentication even less with their customers, and most companies surveyed have no current plans to move customer access to passwordless MFA solutions.
The research also demonstrated a serious disconnect between what decision makers perceive to be highly secure MFA methods and what they have implemented for authentication. For example, although 60% of respondents perceived biometrics to be one of the most secure MFA methods, only 27% of organizations use them for employees and only 13% do so for customers. The majority of decision makers plan to address this disconnect with increased investment in MFA solutions, especially around biometric authentication. An average of 70% of employees and 40% of customers are required to use MFA to access corporate applications and data.
The data demonstrate a clear opportunity for channel partners seeking to differentiate themselves in the security space.