UK companies adopt MFA, VPNs, biometrics to secure remote work, Centrify finds
As many as 70 percent of companies in the UK are using multi-factor authentication (MFA) and a virtual private network (VPN) to secure their remote workforce amid COVID-19, found a poll conducted by Censuswide and commissioned by Centrify.
Based on interviews with 200 decision-makers from large and medium-sized companies in the country, the survey found that 46 percent have already dealt with a higher number of phishing attacks since enforcing a remote work policy. Although the cybersecurity industry warns of increasing attacks during the COVID-19 crisis, 43 percent said more security protocols are likely to affect productivity, while 49 percent disabled extra authentication steps in the workplace.
Experian Head of Global Identity and Fraud Product Innovation Mike Gross told Biometric Update in a recent interview as part of a series on COVID-19’s impact that the pandemic has changed the phishing landscape.
However, FIDO2 certified passwordless authentication could increase productivity and reduce authentication time. Biometric identification methods though fingerprints or facial recognition are seen as an alternative by 60 percent of respondents, while 66 percent consider biometrics more secure than traditional passwords.
President and CEO Phil Dunkelberger told Biometric Update as part of the same interview series that use of FIDO protocols is the way to make remote secure authentication scalable.
“It’s clear that businesses recognize the risks posed by increased remote working during this difficult time, with the majority opting for multi-factor authentication solutions to verify every user and protect company data. What’s troubling is the other 30 percent who are not using MFA, which is a security best practice,” said Andy Heather, VP at Centrify, in a prepared statement. “Every organization wants to ensure productivity for remote workers, but it cannot come at the expense of proper security. They need to weigh the risks they are facing with these heightened threats very carefully and take any and all measures available to ensure access is granted only to authentic users.”
Modern authentication such as biometrics enhance security and productivity, and would solve the risk problem associated with outsourced third-parties such as IT administrators, Heather explained.
In March, Centrify implemented the FIDO2 Web Authentication API to enable biometrics and other passwordless authentication methods for privileged administrator logins.
The European Banking Authority (EBA) has made strong customer authentication (SCA) a PSD2 requirement for payment service providers within the EU economic space. For now, the deadline remains December 31, 2020.