subscribe: Daily Newsletter

 

Mobile security still a major challenge

0 comments

Organisations are challenged to meet demands for greater mobility as 90% of IT departments in South Africa still restrict users from accessing sensitive corporate data and resources from mobile devices.
This is according to a recent survey amongst South African IT decision-makers by Gemalto.
Despite all organisations (100%) having users who require mobile or remote access, 98% of IT departments in South Africa are facing obstacles to increased user mobility in their organization, the primary being IT management overhead.
The 2015 Global Authentication and Identity Access Management Index reveals that almost all South African respondents (90%) are concerned that their organisation will be breached or hacked as a result of credential theft or compromise. This is exacerbated by the rise in mobile endpoints within organisations, as most organisations reported to have, on average, two mobile end points per user and managing three sets of credentials per user. Additionally, 27% of South African IT support tickets are resulting from lost or forgotten usernames and passwords.
In an effort to overcome the security challenges around mobility, the majority of IT departments (84%) in RSA plan to implement two-factor authentication for access to cloud applications. Currently, 44% of users utilize two-factor authentication, this is expected to rise to over half (58%) of users using it in two years. Meanwhile, 40% already use two-factor authentication to secure external users’ access to resources, indicating the varied use of the technology. Almost all (90%) respondents currently have at least one application protected by two-factor authentication, with VPNs, local network access and cloud applications among the top three apps protected
As IT continues to look to two-factor authentication to deal with the credentials crunch, the vast majority (94%) of respondents are seeking to do this by using cloud-based authentication-as-a-service and managing their organisation’s two-factor authentication centrally. By having the ability to implement uniform policies that address security threats in a consistent way, two-factor authentication can at the same time streamline access to numerous applications. In addition, 18% of respondents’ organisations in South Africa consider the total cost of ownership and the credibility and reputation of the vendor as the two most significant considerations for selecting a two-factor authentication solution.
“The pressure is on for South African IT departments to accommodate demands for greater mobility as employees crave new and flexible approaches to working,” says Neil Cossner, identity and data protection manager for Africa at Gemalto. “Organisations that are not open to this change are very likely to be inhibiting business productivity.
“Users are likely to do what it takes to get the job done, with or without permission, so when corporate resources are scattered across different sites, the need for strong authentication and as-a-service delivery will serve vital functions in making this happen securely. In doing so, South African organizations will be better placed to protect the identities of their users, without sacrificing on productivity or data protection.
“The growing use of cloud applications and mobile devices within organizations, combined with rising threats, and the need to reduce costs, require entirely new considerations for access control. Clearly there is an immediate need for authentication and access management solutions that can help South Africa organizations solve these challenges,” Cosser says.
“Organisations recognize the need to scale security to protect as many on-premises and cloud applications as possible, especially when sourcing a two-factor authentication solution,” says Garrett Bekker, senior security analyst at 451 Research. “The survey findings suggest that the choice of two-factor authentication will depend on the solution’s ability to provide centralized management, as well as secure access to the widest range of applications.”
Some of the additional key findings of the survey include:

The importance of mobility:
* Almost all (96%) respondents’ organisations recognize it is important to offer mobility to employees in their work practices.
* The number of users utilizing tokens for mobility in respondents’ organisations looks likely to increase across the board – on average, 44% of users in respondents’ organisations are currently using them for mobility with this figure expected to increase to 58% on average, in two years’ time.

The purchasing decision:
* When it comes to the final purchasing decision, the CIO (48%) is most likely to be the final decision maker when selecting a two-factor authentication solution.
* Both the total cost of ownership and the credibility and reputation of the vendor are, according to 18% of respondents, the two most significant considerations when deciding which two-factor authentication solution to select

Security threats and compliance:
* Almost all (98%) respondents think that it is important that their organisation has the ability to produce a single audit trail of access events taking place throughout different resources.
* All 100% of respondents think that two-factor authentication can help their organisation comply with data protection regulations and pass security audits.