Thales has released a new report that suggests that businesses still put too much faith in passwords. The company’s latest Access Management Index looked specifically at Europe and the Middle East, and found that a full two-thirds (67 percent) of the respondents worked with organizations that were planning to expand the use of usernames and passwords, and that nearly one-third (29 percent) still viewed passwords as one of the more effective security tools.
“Businesses tend to revert back to old password-based logins for cloud services,” said Thales Access Management VP Francois Lasnier. “This is knowingly increasing their security exposure to credential stuffing and phishing attacks.”
Unfortunately, the Thales findings are in keeping with other reports that have found that many organizations are still relying on outdated legacy systems. However, there does seem to be more understanding about the need to update security practices. The Thales survey found that the vast majority of organizations (a full 94 percent) have changed their security protocols in the past year, and that most were planning to invest in more advanced security tools like biometric authentication and smart SSO technology (75 percent and 81 percent, respectively).
Lasnier added that the biggest challenge facing IT leaders is often getting boards to take security threats seriously. “Now that they have that buy in, the focus should be on access management in a zero trust security policy,” he said.
The results in the Access Management Index were based on the survey responses of 400 IT executives in seven different countries in Europe and the Middle East. Forty-seven percent reported that their organization is dedicating more time to security training for staff, while 43 percent reported increased spending on access management. Sixty-seven percent also indicated that they felt pressure to balance cloud security and convenience for customers and employees.
The Index arrives shortly after a Thales Data Threat Report that advised organizations to be more careful during their digital transformations. 57 percent of the Index respondents identified unsecured infrastructure like IoT devices as their biggest security concern moving forward.
May 6, 2020 – by Eric Weiss