CIO Influence
CIO Influence News Security

70% of Security/IT Professionals Say They are Overwhelmed by the Complexity of their Authentication Systems

70% of Security/IT Professionals Say They are Overwhelmed by the Complexity of their Authentication Systems

New report from Axiad highlights a critical barrier to optimizing an organization’s cybersecurity posture: internal IT complexity that often forces authentication to be done in silos

Axiad, a leading provider of organization-wide passwordless orchestration, announced the results of its 2022 Authentication Survey, revealing that executives have their hands full managing the underlying complexity of their authentication practices – a foundational element of most cybersecurity strategies around the globe.

The survey was conducted with 252 U.S. Security and IT executives (Director and above) in organizations of 2,500 or more employees across a broad variety of industry sectors. Respondents pointed to several internal challenges that prevent them from addressing authentication in a systematic fashion across the organization, including the variety of identity types to protect, numerous authentication methods used internally, varied operating systems in use, and existing investments in identity and access management that are often not interoperable.

Latest ITechnology News: ASE Unveils Plans for the World’s First 5G mmWave NR-DC SA Smart Factory

According to the survey, 70% of security and IT professionals are overwhelmed by significant complexity related to authentication, which is underpinned by these key findings:

  • 70% of respondents have 3 or more IAM ecosystems in use; 52% have 4 or more
  • 83% said they have both Windows and MacOS operating systems in place; almost half (46%) said they must authenticate against Linux as well
  • 89% use 3 or more authentication methods – the most popular are software o******* passwords (OTP), passwords and mobile push authentication; 60% use more than 5
  • 79% of respondents said it’s critical to secure people; 68% said machines are critical

This internal complexity often forces organizations to operate numerous, often disconnected, authentication strategies across the organization, which creates gaps and inconsistencies that can be exploited by bad actors.

In addition, security and IT professionals are challenged by external factors such as regulatory requirements, which impact how an organization must authenticate and vary widely according to vertical markets, international standards and the public sector. More than half of the organizations surveyed (54%) must comply with four or more regulatory requirements, and 38% must comply with 5 or more. The top regulatory and compliance requirements noted by respondents include ISO/IEC 27002, HIPAA, SOX and GDPR.

Latest ITechnology News: Diligent Finds 90% of Surveyed U.S. Businesses Are Adopting a Heightened Cybersecurity Posture

According to Bassam Al-Khalidi, Co-CEO & Co-Founder, Axiad, “Organizations today are grappling with a complex mix of systems and requirements, resulting in a siloed approach to authentication. We are seeing the negative repercussions of these fragmented strategies play out on the front pages right now, as cyber attackers are exploiting organizations that aren’t systematic in the way they validate a user (or machine) is who they say they are. To enhance your security posture and optimize protection, you need to tame that internal complexity and take a holistic approach to authentication.”

The IAM ecosystem is a typical example of authentication complexity. Companies merge, make acquisitions, grow internationally and typically end up working with at least 3 different IAM vendors, often 5 or more according to the survey, across the organization. It rarely makes sense to replace all of these disparate systems, but that puts pressure on security/IT professionals to manage the risks caused by interoperability issues and authentication inconsistencies. Magnify this complexity by similar challenges across identity types, authentication methods, operating systems and compliance regulations, and it’s clear why so many executives are overwhelmed.

Latest ITechnology News: data.world Delivers Deeper Insights into Cloud Data Adoptions with Fivetran Partnership

[To share your insights with us, please write to sghosh@martechseries.com]

Related posts

HackNotice Launches “HackNotice Actions”, Along With a New People-Friendly Brand, Empowering Customers to Keep Their Online Activity Private

Business Wire

AbbaDox Debuts PACS-as-a-Service Offering for Radiology Imaging Service Providers Powered by Zadara Edge Cloud

CIO Influence News Desk

Rafay Systems and AWS Streamline Kubernetes Operations and Accelerate Modern Application Delivery for MoneyGram