Gemalto survey shows biometric and two-factor enterprise access control ramping up
Author: huifan Time: 2018-03-19
Organizations currently require biometric authentication for 28 percent of their employees, but that number will jump to more than 44 percent within two years, according to the “Identity and Access Management Index 2018” from Gemalto.
Usernames and passwords remain the most common authentication method for 69 percent of organizations, despite the fact that 92 percent are concerned about employees reusing personal credentials for work purposes.
Only 39 percent of users currently use two-factor authentication (2FA), but 61 percent expect to use it two years from now, and 93 percent of organizations currently use 2FA for at least one application. Between 77 and 79 percent of organizations use 2FA for each of cloud applications, local network access, web portals, VPN, and enterprise applications, according to the survey.
Almost all respondents (96 percent) expect their organization to protect applications with 2FA eventually, with an average expected length of time to do so of 15 months. Belief in the value of 2FA for regulatory compliance and passing audits is nearly universal as well.
At least some employees at 98 percent of organizations, and 43 percent of employees overall require remote access to corporate applications, but only 36 percent are required to use 2FA to access corporate resources from mobile devices. The number of users required to use 2FA for mobile access is expected to increase by more than 20 percent over the next two years, however.
Companies are responding to high profile data breaches, with 90 percent of those surveyed saying business security policies had been changed as a result.
Seventy percent of respondents believe that authentication methods for consumers can be used to secure access to enterprise resources, while 54 percent say authentication at work is worse than that of Facebook or Amazon.
OneLogin recently launched a multi-environment IDaaS product to meet the growing demand for unified enterprise access control.