2014 Authentication Survey - SafeNet

Download PDF
1 downloads 248 Views 1MB Size Report
Comment
As IT teams seek to keep sensitive assets safe, while supporting the evolving adoption of cloud-based services and BYOD,
2014 Authentication Survey Executive Summary

How Organizations Are Responding to Mobile and Cloud Threats

Overview As IT teams seek to keep sensitive assets safe, while supporting the evolving adoption of cloud-based services and BYOD, authentication mechanisms need to play an increasingly central role. How are organizations adapting their authentication approaches to contend with the changes and increased risks their businesses face? This executive summary reports on a recent to survey to provide a look at the market, and where it’s heading. For security teams today, the job continues to get tougher, while the penalties for failure get steeper. Not only are the threats more elusive and persistent, but the assets and environments that need to be defended continue to undergo fundamental transformation. Now, workloads run across an increasingly complex mix of on-premise systems, externally hosted platforms, and cloud-based services. Further, mobile device usage continues to grow more ubiquitous, and more business critical in the enterprise. While these cloud and mobility trends have delivered significant benefits, they’ve also created a new set of vulnerabilities and security requirements—demands that had to be met yesterday, if not sooner. Consequently, many IT organizations have struggled to keep pace. Vulnerabilities are being exploited, and breaches continue. In fact, during the first quarter of 2014, more than 200 million records were stolen, an increase of 233% over the same time last year1.

Authentication mechanisms play a central role in contending with all these changes and challenges, representing an increasingly critical instrument in the security team’s toolkit. How are IT organizations adapting their authentication approaches to contend with all these changes? SafeNet recently completed a widespread survey to find out. Following is a summary of the top findings: ≥ To address their increased exposure, including new gaps created by running applications in the cloud, organizations are growing more reliant on multi-factor authentication. ≥ To contend with BYOD trends and the increasingly mobile nature of the workforce, usage of multi-factor authentication on mobile devices is rising. ≥ To meet the growing demand for multi-factor authentication, while managing costs, IT organizations are increasingly looking to cloudbased authentication approaches.

1 Breach Level Index, “First Quarter Recap: 2014”

"It’s clear that many IT departments are locked in a perpetual battle, struggling to keep up with the rapid pace of technological change, while protecting the company against security risks. On one hand, almost every other week, we hear about a new attack or breach at a large enterprise. On the other hand, staff needs continuous access to corporate systems and applications to do their jobs. Quite simply, IT teams can’t address their charters if they don’t have secure, reliable authentication mechanisms in place.” Jason Hart, VP Cloud Solutions, SafeNet

2

Expanding Usage of Multi-factor Authentication While the technical and security landscape is shifting fundamentally and quickly, one consistent theme is emerging: Multi-factor authentication will play an increasingly central role in an organization’s security defenses. In this year’s survey, respondents were asked about current multi-factor authentication adoption and anticipated usage in two years. Combined with our 2013 survey, we have three data points to track adoption rates, and across the board, usage is rising.

56%

37%

30%

The percentage of organizations with the majority of users employing multi-factor authentication is set to grow by 87%.

% 50 40 30 20 10 0 2013

2014

32% %

26

2014

2013

9% 2015

2014

25%

2015

Businesses that have less than 10% of their workforce using multifactor authentication is expected to decline by more than one-third.

2016

15%

12%

% 50 40 30 20 10 0

2016

%

50 40 30 20 10 0 2013

2015

Organizations with more than 90% of employees using multi-factor authentication should expand by more than 100%.

2016

3

Increased Reliance on Multi-factor Authentication to Secure Mobile Access There’s a clear cause and a clear effect in today’s authentication market. With more mobile devices being used to access corporate resources, there’s a pervasive response: More mobile devices users are being required to use multi-factor authentication.

34% 54%

Today

Organizations that have more than half of mobile device users doing multifactor authentication is expected to grow 60%

Two years 0

10

20

30

40

50

60

70

80

39% 15%

Today

Businesses with less than 10% of users doing so shrinks by 60%

Two years 0

10

20

30

40

50

60

70

80

22% 33%

Today

Companies with more than 90% of users relying on multi-factor authentication grows 50%

Two years 0

10

20

30

40

50

60

70

80

4

Openness to Cloud-based Authentication When it comes to authentication costs, there’s already a broad disconnect between expectations and realities. For many respondents, actual prices are higher than they’d expect them to be. For example, while only 42% spend less than 36 Euros per user per year, 76% of respondents say they would expect to pay less than that amount. Given the increasing usage of multi-factor authentication outlined above, it’s clear IT and security executives will have to balance the need to address this growing demand, while contending with ongoing budget pressures. This realisation is a clear driver behind respondents’ increasing amenability to cloud-based authentication alternatives. Since last year’s survey, there’s been a 50% increase in respondents’ openness to cloud-based authentication.

21% 33%

2013 2014 0

10

20

30

40

50

60

70

80

5

Conclusion In the authentication market, there’s been plenty of change. In our survey, some clear patterns emerge. Most importantly, there will be more—more multi-factor authentication usage across the organization, and more usage from staff working on their mobile devices. These realities, coupled with the need to speed deployment and improve total cost of ownership, are clearly a big reason that cloud-based authentication, virtually an unknown a few years ago, is now the preference for more than 30% of respondents.

About the Survey This white paper draws its findings from a survey of more than 350 individuals from around the world. About 29% were from the Asia Pacific region; 42% from Europe, Middle East, and Africa; and 29% from North America.

About SafeNet Founded in 1983, SafeNet, Inc. is one of the largest information security companies in the world, and is trusted to protect the most sensitive data for market-leading organizations around the globe. SafeNet’s data-centric approach focuses on the protection of high value information throughout its lifecycle, from the data center to the cloud. More than 25,000 customers across commercial enterprises and government agencies trust SafeNet to protect and control access to sensitive data, manage risk, ensure compliance, and secure virtual and cloud environments.

©2014 SafeNet, Inc. All rights reserved. SafeNet and SafeNet logo are registered trademarks of SafeNet. All other product names are trademarks of their respective owners. v3 15May2014

6