FB pixel

US federal agencies appear to be moving on zero trust but where are small businesses?

Multi-factor authentication lags behind for many
Categories Access Control  |  Biometrics News  |  Trade Notes
US federal agencies appear to be moving on zero trust but where are small businesses?
 

The U.S. federal government is not always the last to get a memo. That is certainly true when it comes to creating zero trust architectures.

A brief article in GovernmentCIO notes that federal agencies have until fall 2024 to put in place prescribed zero trust components (a cornerstone of which is two-factor authentication).

The deadline was only set in January, so it is impossible right now to say if the bureaucracy is meeting expectations or lagging but it is ahead of small to midsize companies worldwide.

The Cyber Readiness Institute has published a survey indicating that owners of smaller businesses are ill-prepared for the growing risk of digital theft and fraud.

The five-year-old institute, comprised of multinational businesses, government officials and cybersecurity leaders, says 46 percent of small business owners have deployed recommended multi-factor authentication products, much less architectures. Only 13 percent of small to midsize firms require employees to use MFA, according to the institute.

More than half of those surveyed reported being more or less unaware of multi-factor authentication. The same share does not use MFA in their businesses.

Half of respondents (again) who have adopted multi-factor authentication to whatever degree are only “encouraging the use of MFA.”

By definition, these organizations are diminutive, but by economic weight they are enormous: Small businesses in 2019 were responsible for 44 percent of economic activity in the United States, for example.

That is a lot of cybersecurity exposure.

The U.S. federal government, on the other hand, has access to “really strong two-factor” ID authentication tools, according to Dan Chandler, information systems security officer with the Office of Management and Budget, the agency charged with herding the government cats toward their deadline.

Chandler was speaking during an online panel earlier this month sponsored by the Advanced Technology Academic Research Center.

Also on the panel, Brian Hermann, director of cybersecurity and analytics for the Defense Information Systems Agency, said they are deploying secure access service edge to consolidate and understand data about users.

Hermann said his organization has learned that it is not enough to moving from basing security assumptions by location, for example. Systems have to free to consider any data relevant to securely granting access.

That may not be a novel insight for security-cautious multinationals, but it is years ahead of small to midsize businesses, one of the world’s biggest economic drivers.

Article Topics

 |   |   | 

Latest Biometrics News

 

Humanity Protocol CEO talks Moongate acquisition, expansion into ticketing

Humanity Protocol has acquired Moongate, marking a move into the ticketing and access market. For Terence Kwok, CEO of the…

 

Half a million shoplifters can’t be right

By Professor Fraser Sampson, former UK Biometrics & Surveillance Camera Commissioner When Napoleon said that we were a nation of shopkeepers,…

 

Fight misinformation with IDV for tiered anonymity on social media, paper argues

Social media and its effects on our society is an ongoing conversation. Some governments are considering banning social media for…

 

Hackathon spotlights role of Philippines national ID in effective service delivery

Institutions that are yet to integrate their services with the Philippines national ID Authentication platform have been called upon to…

 

Sri Lanka promotes outcome-based procurement for a robust digital economy

A significant transformation in Sri Lanka’s public procurement system, is paramount in the journey to advance Sri Lanka’s digital economy,…

 

Private, effective age verification is possible: Australia age assurance technology trial

“Age assurance can be done in Australia and can be private, robust and effective.” This is the key finding of…

Comments

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Biometric Market Analysis

Most Viewed This Week

Featured Company

Biometrics Insight, Opinion

Digital ID In-Depth

Biometrics White Papers

Biometrics Events