With the ever-changing security landscape, protection and compliance are high on the radar for most organisations. One area that gets forgotten in the battle against cyber threats is authentication methodology, and more specifically why removing password authentication should be high on the priority list.
Recently Microsoft announced some damning statistics around password authentication. For example, did you know that 63%* of all confirmed data breaches involved weak, default or stolen passwords? In addition to that statistic, did you know that in a recent survey more than 25%** of employees would consider selling their password for less than £100?
Pretty damning stuff, wouldn’t you agree?
So what can be done about this?
Multi-factor authentication is something you will start to hear about more and more. The ability to authenticate against corporate environments using a multitude of methods will soon become the norm. Rather than enforcing strict password policies at an organisational level, or relying on users to adhere to password policies, utilising facial recognition, biometric scanning or token-based authentication will enhance your security profile.
Microsoft’s Azure AD can enhance this further by providing password management for a number of third-party applications and websites. Authenticating against an Azure AD platform using your chosen method of authentication can maintain security for Salesforce, Twitter, SAP and many more. This will prevent users having to maintain password-based authentication for their other applications, and allow this security model to be maintained and controlled by centralised IT. Imagine Single Sign-On across workloads using multi-factor authentication.
* figures provided by Microsoft at the Microsoft Tech Summit 2017
** figures provided by ATLAS SailPoint 2016 Market Pulse Survey. The survey polled 1000 people, of whom half work for a company with more than 10,000 employees