Over Half of IT Professionals Evaluating Two-Factor Alternatives Following the RSA Breach
A survey, conducted by PhoneFactor in March 2011, revealed that organizations that utilize security tokens, many of which are already frustrated with the burden tokens place on their IT departments and end users, are being driven to action by the recent RSA breach.
 | The survey of more than 400 information technology professionals from a wide variety of industries found that the vast majority of respondents with current token deployments (93%) are aware of the RSA breach affecting SecurID tokens, which was disclosed in March, 2011. Of those, 44% are now re-evaluating their current use of tokens and another 15% are speeding up an already planned evaluation of token alternatives. |
If due to the RSA breach it becomes necessary to replace security tokens already deployed, 70% would prefer to replace them with an alternate two-factor method. The survey was conducted before RSA acknowledged in early June that SecurID tokens were compromised and replacements would be necessary. Now that organizations are actually facing the prospect of replacing all 40+ million tokens in circulation today, I expect that many will elect to deploy alternative methods instead of going through the onerous process or re-issuing tokens.
The survey results are consistent with forecasts by leading analysts who predict a continued decline in the use of hardware tokens for authentication and an increased reliance on phone-based methods. Gartner, Inc. expects that that by year-end 2013, fewer than 10% of all authentication events will involve discrete, specialized authentication hardware of any kind (Predicts 2011: Identity and Access Management Continues Its Evolution Toward a Strategic Discipline, November 23, 2010 by Ant Allan, Earl Perkins, and Ray Wagner). The research notes that “by adopting alternative authentication methods, enterprises will be able to meet their needs for improved security at a lower cost and with a better user experience.”
Download the 2011 Multi-Factor Authentication Survey.
-Sarah
Mobility + Security = :)
Mobility isn’t what it used to be. It is so much more – more devices, more operating systems, more access points, and more cloud applications. Meeting end user’s’ need for mobility in the face of an increasingly hostile threat landscape is a real challenge for IT departments.
PhoneFactor enables multi-factor authentication using any ordinary phone to secure Citrix logins from any device, anywhere in the world. This video, created for the Citrix Ready Security Challenge, illustrates how security and mobility can be combined to meet the needs of IT departments and end users.
PhoneFactor has been certified Citrix Ready for XenApp and XenDesktop, and it works seamlessly with Citrix Receiver for the iPhone, BlackBerry, Android, and Windows mobile devices as well as the iPad. Learn more about enabling PhoneFactor for Citrix.
Subscribe in a reader.
