RSS feed Get our RSS feed

News by Topic

BizReport : Internet : June 02, 2020

Brands: Is it time to rethink passwords?

In May many businesses observed National Password day by sending emails reminding employees and executives to reset passwords. Some may even have rolled out new password requirements - like longer pass phrases. But according to one expert these measures may not be enough to protect brands because most (80%) of hack-related breaches revolve around password credentials.

by Kristina Knight

So, what should brands do when passwords aren't the most secure method of protecting both company and customer data?

"Passwords are ingrained in various forms of enterprise infrastructure, including on-premises and cloud resources. In order to replace passwords, organizations need a comprehensive security solution that addresses all possible use cases and is built for all end-user personas. The passwordless MFA solution must also be user-friendly and make it as easy as possible for mobile workers to get the apps and content they need. Because of this, going passwordless is a journey for many organizations," said Rima Pawar, Head of Identity Products, MobileIron. "The average help desk labor cost for a single password reset is about $70, and some large US-based organizations allocate over $1 million annually for password-related support costs. It's time to eliminate passwords and make mobile devices the future of secure access to the enterprise."

Biometric authentication - fingerprint or retina scans, for example - are one way brands can better secure their data according to Pawar.

"We are seeing an increase in adoption of mobile device authentication with biometric-based access with our customers. To our customers, a company employee accessing business email from his physical office desk would be considered a far less risky scenario than a temporary contractor accessing sensitive business financial information on a mobile while standing in line at a remote coffee shop," said Pawar.

Another step? Zero Trust Security, according to Pawar. This means that no one, either inside or outside of an organization is trusted by default. This would be across the board from the head of IT to CEO's and onboarding new employees.

"Zero Trust means that no one is trusted by default from inside or outside the network, and verification is required from everyone trying to gain access to resources on the network. This added layer of security has been shown to prevent data breaches," said Pawar.

Tags: MobileIron, password security, password threats, smb passwords, smb security

Subscribe to BizReport



Copyright © 1999- BizReport. All rights reserved.
Republication or redistribution of BizReport content is expressly prohibited without the prior written consent.
BizReport shall not be liable for any errors in the content, or for any actions taken in reliance thereon.