By David Perry

 

You’ve probably heard the stories, there are several each year, of employees who are prepared to part with logon and password information for a free café latté or an Easter egg. This highlights that security of information systems is not just about technology, the human factor is important too, and one the obvious places in which security meets the user is authentication. This short report looks at some of the trends and developments in this area based on the findings of an online research study during which information and insights were gathered from 1,464 respondents, primarily IT professionals.

 

KEY RESEARCH FINDINGS

 

Fragmented authentication leads to user frustration, business risk and IT cost
The continuous introduction and evolution of new business systems has led to a proliferation of authentication methods and credentials such as usernames, PINs and passwords. Two thirds of large enterprises and over half of small and midsize organisations report significant fragmentation of authentication requirements within their systems. This leads to user frustration, risk to the business and increased cost of IT support.

More flexible and diverse access makes managing the risk more challenging
Since many newer applications are web-based, they may in principal be accessed from any browser based device, including home PCs, machines in Internet cafés, PDAs and smartphones. The study reveals that users are taking advantage of this, with almost two thirds of organisations participating in our study endorsing access from uncontrolled PCs, and over 40% supporting personal mobile devices … then there is the unofficial access the IT department is unaware of.

And the challenge doesn’t stop with employees
Two thirds of large and midsize organisations allow customers and or suppliers direct access into their systems, extending the need to manage authentication beyond the company boundary. Furthermore, developments in Web Services and Service Oriented Architecture (SOA) are accelerating the direct connectivity between systems over company boundaries, creating a whole new set of security considerations.

 

SSO use is ramping up, with advanced authentication appearing on the radar
Developments in authentication technology are helping organisations to respond to some of these trends from a security risk management and business efficiency perspective. Already, 55% are active with Single Sign-On solutions to one degree or another and the use of advanced authentication technologies, particularly biometrics and smartcards, is predicted to increase sharply over the coming three years. Organisations are also telling us that multi-factor authentication will become more broadly adopted.