Multi-factor authentication (MFA) is now used by the majority of employees at 37 percent of organizations, and that number will reach 56 percent by 2016, according to SafeNet’s 2014 Global Annual Authentication Survey released this week. Thirty-percent of organizations used multi-factor authentication in 2013.
The heading of the survey’s executive summary is “How Organizations Are Responding to Mobile and Cloud Threats,” which names the two main security risks driving multi-factor adoption.
“IT companies are certainly responding to the rise in mobility with increased software-based authentication; however, there appears to be a ‘disconnect’ between the desire to embrace mobility, and the struggle to keep up with it and protect resources and data from external threats,” Jason Hart, VP of Cloud Solutions at SafeNet said. “Furthermore, as adoption of cloud computing grows, better security becomes crucial. Indeed, the cloud offers various benefits for authentication and applications, but without the security to support them, it only increases the threat.”
The survey polled more than 350 senior IT workers from around the world, and indicated a 50 percent jump in preference for cloud-based authentication, from 21 to 33 percent.
BYOD practices and the “vanishing perimeter” of networks have been major cause for security concern as mobile devices become ever more important tools for enterprise employees.
Over 53 percent of respondents said mobile devices have limited access to corporate resources, and MFA use for mobile is expected to grow by 30 percent from 22 to 33 percent of organizations by 2016.
The survey also revealed that 40 percent of organizations do not know the cost per user per year of their authentication solution. Those organizations may understandably be banking on the cost of ungoverned or ineffectively governed mobile authentication easily surpassing the cost of their solution – whatever that cost may be.
The continuing increase in MFA adoption, not to mention the apparently secondary concern over its cost, can only be a boon to authentication service providers.