Free Download     |     Resource Center    |     Customer Login
1.877.No.Token (1.877.668.6536)
Live Chat
PhoneFactor Press Releases

20% of Corporate Networks or Data Has Been Compromised Due to Inadequate Security Practices, According to New Research by Positive Networks

70% Believe That Username/Password Authentication is Not Secure

February 6, 2008 – Positive Networks, a leading provider of security products and services, announced the results of its new survey “IT Security & Authentication: Key Concerns in 2008”. In January 2008, over 300 Information Technology Professionals from across the country were interviewed online on issues relating to security, authentication, and other concerns which network security professionals should be prepared to face in 2008. It became clear that IT professionals are concerned that they do not have the appropriate security practices in place. This concern seems well founded in that 20% admitted to a breach that included some loss of sensitive data or allowed access to restricted resources. 70% suggested that their current practices for authentication were not secure.

The “IT Security & Authentication: Key Concerns in 2008” survey reveals that while IT professionals face a growing list of priorities, security ranks as a top concern. The worry about security blurred the lines between protecting company assets and personal assets with results demonstrating even greater worry related to identity theft and privacy concerns. 93% of respondents indicated serious concerns about company security relating to data protection and network security. Only 3% indicated that IT security was not a priority for 2008.

In particular, IT professionals noted that authenticating and restricting access to appropriate users is a priority with 84% rating it as a serious or high level concern. Furthermore, for nearly half of respondents (48%), their current focus on IT security is higher than in previous years.

Nearly 1 in 5 respondents indicated that their company’s network or data had been compromised, with an overwhelming 70% of respondents not believing that usernames and passwords provide an adequate level of security. IT professionals recognize the need for improved authentication standards, but have struggled with the complexity and cost of previous two-factor authentication offerings.

“PhoneFactor has made secure two-factor authentication inexpensive and simple for both administrators and end-users,” said Evan Conway, EVP & Chief Privacy Advocate with Positive Networks. “It is no longer acceptable for companies to rely on usernames and password to protect sensitive data.”

Preview of “IT Security & Authentication: Key Concerns in 2008” Survey Results:

  • Current Corporate Authentication Systems Are Not Secure – Over half (58%) of respondents rate their company’s current authentication systems as only somewhat secure or worse. Only 10% rate their current athentication systems as very secure.
  • Two-Factor Authentication Recognized as a Need – If most respondents rate their current authentication systems poorly, then why haven’t more companies implemented two-factor authentication already? The top responses include: Cost (33%), Time to deploy and manage (29%), User inconvenience (23%).
  • Could A Phone Be Used As The Authentication Device? – Respondents support the idea that a phone (mobile or landline) could be used as the second factor in two-factor authentication to increase user adoption rates. They suggested that mobile phone use among professionals was nearly ubiquitous, and 72% mentioned that their company provides mobile phones for some portion of their employees to use.
  • Personal Security Preferences Analyzed – Security Concerns High – The survey also asked IT professionals about their perspectives on securing access to their own personal and financial information. Most (84%) ranked their level of concern as being moderate to very high with nearly two-thirds indicating a very high level of concern. A slight majority (53%) indicated a higher level of concern than in previous years.
  • IT Professionals More Concerned About Personal Data Protection – Interestingly, 78% of respondents indicated that they did not believe usernames and passwords provided adequate security for accessing their own personal and financial information online. Responses to questions in this area indicated a greater level of concern about security as it relates to personal data than company data.
  • Identity Theft High Even Among IT Professionals – One in five respondents (virtually all of whom are IT professionals) have experienced identity theft personally. Most take some precautions – 96% use strong passwords, 38% change their passwords at least once a month, and 57% do not use the same password for multiple logins

About the Survey
“IT Security & Authentication: Key Concerns in 2008” is a new survey to examine the top security issues which network administrators and security professionals should be prepared to face. Data for this survey was compiled based on a survey questionnaire provided by Positive Networks. In January 2008, over 300 Information Technology Professionals from across the country were interviewed online. A copy of the this report can be accessed at http://www.positivenetworks.com/itsurvey.

Share This
  • Twitthis
  • Facebook
  • E-mail this story to a friend!
  • Digg
  • Technorati
  • del.icio.us
  • StumbleUpon
  • Slashdot
   Legal  |  Sitemap  |  Support  |  Contact               

PhoneFactor, Inc provides secure two-factor authentication services to leading companies worldwide. PhoneFactor's multifactor out-of-band authentication software is a cost effective, user friendly alternative to security tokens, fobs, certificates, and other 2 factor authentication methods.
Secure User Authentication: SSL VPN Authentication | Citrix Authentication | Web Authentication | Terminal Services Authentication | Tivoli Authentication | Online Banking Authentication
Two-Factor Authentication for Regulatory Compliance: Payment Card Industry Data Security Standards (PCI DSS) Compliance | FFIEC Compliance | HIPAA Compliance | NIST 800-63
Compare Phone Authentication to: Security Tokens | SMS Authentication | Biometric Authentication | Soft Tokens | Smart Cards | Certificates