Keeping your cyber-assets safe
With technology omnipresent and an integral part of our lives, many consumers are now using an array of devices to purchase items and fulfill their banking needs. The arrival of affordable “always connected” mobile devices ushers in a new era of convenience, allowing users to login to their personal accounts on the move. The benefits are endless as long as consumers are savvy and implement the necessary precautions against the lurking danger. By sharing passwords and other sensitive data on the information highway, they are also unknowingly exposing themselves to the threats from cyber-criminals.
The importance of authentication
Today, 46% of consumers in Asia Pacific are reportedly acquiring goods and services via their mobile, fuelled by a booming e-commerce sector. This emerging trend is noticeably higher than other parts of the world, too, well surpassing developed markets like Europe (27%) and the US (17%). Furthermore, the demand is overwhelming with 42% of the locals surveyed wanting more, compared to just 24% in Europe and 15% in the US.
This new digital economy has led to a torrent of constantly flowing data, which could end up in the wrong hands if it is not carefully protected. From a security standpoint, mobile applications (apps) are currently the worst culprit, providing troves of valuable information to cyber-criminals. Already, there has been a 30% increase in data breaches over the last 12 months in many organizations, as revealed in Gemalto’s latest Data Security Confidence Index.
By 2017, mobile apps will be downloaded over 268 billion times based on a separate study by Gartner. Not only generating more than $77 billion in revenue, but also turning them into one of the most popular computing tools worldwide. By then, the research firm predicts that a mobile user will feed personalized data streams to over 100 apps and services daily, consisting of practically anything from home automation to productivity software.
The demise of the traditional password
Considering the steady growth in technology and heavy reliance on cyber-space, traditional passwords are now the most vulnerable of layers for cyber-security, where hackers have been able to defeat fire walls secured by rudimentary passwords. Similar to metal keys that can be stolen and duplicated, passwords are also prone to targeted malicious activities, such as brute force attacks leveraging password cracking tools, as well as keystroke loggers and network eavesdropping.
As passwords can be easily intercepted and deciphered, a fundamental change in cyber-security strategy is more crucial than ever before. Lifting a page from the proven defense tactics deployed by armed forces around the world, this threat can be effectively combated through a layered approach like multi-factor authentication, creating a highly robust protection framework to safeguard important corporate data.
To overcome the limited security posture of the “traditional” password, multi-factor authentication incorporates a secure non-repudiated model to control access. Stronger authentication is achieved by substituting passwords with a combination of two or more of the following factors:
- Knowledge factors, such as a personal identification number (PIN) or a one-time password (OTP)
- Possession factors, such as a security token or card
- Inherence factors associated with the users, such as retina and biometric fingerprint scan images
When one factor is combined with another, the resultant security model is considerably strengthened, making it harder to break or spoof. Multi-factor authentication is scalable as well. The more knowledge, possession and inherence factors are progressively added, the more complex and stronger it is.
Organizations are starting to employ multi-factor authentication, while the adoption rate is forecasted to grow across every vertical. In a survey conducted by Gemalto, 32.4% of the respondents said that less than 10% of their workforces are using this form of security measure. Another 12% expect that to be the case in two years. More importantly, 50% of the respondents anticipate that at least half of all their employees will be using two-factor authentication within two-year time.
The imminent and future cyber-security challenges
Increasingly more applications, data and services are being built, managed and stored both inside and outside of the enterprise, accessible by employees anytime, anywhere, and from a slew of devices. Robust identity and data protection solutions help companies challenge today's security thinking with a new data security mindset, focusing on safeguarding what matters most: Intellectual properties and identities.
As highlighted in the latest Gartner report, the combined shipments of connected devices are reaching a total of 1.2 billion units in 2015. This assortment of PCs, tablets, ultra-mobiles and mobile phones is a growing challenge for security professionals just by their sheer quantity. Not forgetting the complexity involved to support the different underlying operating systems and apps, too.
In terms of authentication, 80% of digital access is projected to be performed through mobile phones by 2020. Although the existing rate of mobile authentication usage is still well behind its hardware-based equivalent, respondents of one of our surveys believed that it will grow substantially, up from 27.6% to 44.87% within the next two years. At which point, the rate of usages for mobile authentication will be almost on par with that of hardware tokens.
A true alternative for companies to stay cyber-safe
For now, multi-factor authentication is a maturing technology promising tangible security benefits, while allowing enterprises to achieve faster return of investment. It is one of the true traditional turnkey alternatives for companies to stay cyber-safe, which is probably the only certainty amid the rapidly changing technology and business landscapes.