FB pixel

Half of organizations use biometrics for privileged account access

Three-quarters to increase MFA spending
Categories Access Control  |  Biometrics News  |  Trade Notes
 

cybersecurity online authentication

Spending on multi-factor authentication (MFA) is set for a major increase, as nearly three quarters of respondents (74 percent) to a survey conducted by 451 Research on behalf of Yubico say they plan to increase their MFA investment.

User experience was cited as the main obstacle to MFA adoption at 43 percent, despite biometrics and other modern authentication technologies providing a better user experience than legacy methods, according to the report. Other obstacles commonly cited include complexity (41 percent) and cost (36 percent).

The 16-page ‘Work-from-home policies driving MFA adoption, but still work to be done’ report shows that spending on MFA is being driven by the effects of the pandemic, increasing security breaches, and new authentication standards like FIDO2 and WebAuthn.

Beyond passwords, 58 percent of respondents chose OTP authenticators as an MFA factor, making it the most popular method, followed by biometrics (54 percent), mobile push notifications (48 percent), SMSs (41 percent), and USB security keys (40 percent).

Yubico launched a line of its USB hardware tokens with fingerprint biometrics last year.

Nearly half of all organizations surveyed have deployed biometrics for privileged administrators and IT staff, though mobile OTP authenticators and username and password combos are used by slightly more than half, and hardware-based OTPs are used by 49 percent, the same number as biometrics.

The importance of MFA also extends beyond businesses to public sector organizations, as shown by a U.S. government report.

US government urges MFA policy updates

The U.S. Cybersecurity & Infrastructure Security Agency has issued a report on ‘trends and best practices for network defenders’ to protect against cyber operations by the Russian Foreign Intelligence Service (SVR).

Password spraying was employed by the SVR in an attack on email accounts to gain information, according to the report. A compromised administrator’s account had been unintentionally exempted from the organization’s MFA policy, which allowed the attackers to modify the permissions for other user’s email addresses to make them accessible to any authenticated user.

Further, a misconfiguration had allowed logins with legacy single-factor authentication methods on devices not supporting MFA.

Attacks making use of zero-day vulnerabilities and WELLMESS malware are also described in the report.

The agency recommends mandatory use of approved MFA solutions for all users as a way to protect against the first two threats, and changes to authentication to register new devices and confirm users performing certain activities to defend against malware.

Article Topics

 |   |   |   |   |   |   |   | 

Latest Biometrics News

 

How the ID industry can become more sustainable – and help to raise awareness for greener travel

By Tobias Nuessle, COO of Veridos The travel and tourism industry is a significant contributor to global CO2 emissions. Various…

 

Biometrics upgrades arriving at borders (but check the schedule for updates)

New biometric technology is coming to borders in Europe and the UK, but as reflected in several of Biometric Update’s…

 

What is the killer app for verifiable credentials? Daon, Dock and Youverse discuss

Industries such as financial services, healthcare, transport, government and more are increasingly adopting digital verifiable credentials connected to biometrics. Their…

 

Veteran biometrics leaders join FaceTec, Credence, ID.me adds ex-Meta exec

The latest round of appointments in the biometrics and identity management sector includes a former leader of federal government sales…

 

EU announces phased approach for EES

The European Union has proposed a progressive introduction of its biometric traveler registration scheme, the Entry-Exit System (EES). On Wednesday,…

 

Drowsy drivers to get AI-assisted safety prompts

Fatigued drivers are one of the most common hazards on the road, but sleepy-heads on commercial wheels are to get…

Comments

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Most Viewed This Week

Featured Company

Biometrics Insight, Opinion

Digital ID In-Depth

Biometrics White Papers

Biometrics Events