We asked, and more than 250 of you answered. Survey says: it’s complicated!Our recent Axiad 2022 Authentication Survey was conducted with 252 U.S. security and IT executives (Director and above) in organizations of 2,500 or more employees across a broad variety of industry sectors. We at Axiad are evangelists for a passwordless future and an overwhelming majority of survey respondents are also now understanding that by eliminating passwords they will be taking a major step toward protecting their organizations. An encouraging 86% told us they plan to implement a passwordless strategy in the next 12 months, or already have done so. Even better, an amazing 96% agreed that the C-suite is now understanding the connection between authentication and risk management.It’s clear the need to deliver secure authentication is mission critical to managing enterprise risk. However, there are challenges.As we’ve previously published, 7 in 10 (70%) of survey respondents said they are overwhelmed by the complexity of their authentication systems. In fact, 46% of respondents said navigating their underlying IT complexity is one of their biggest authentication challenges.How complex is it? The numbers show that fragmented authentication practices are a major concern.Almost 50% of survey respondents said multiple, disjointed silos are a top challenge. Over 2 in 5 (42%) said their organization’s biggest authentication challenges involve a lack of visibility across all authentication practices.Attack threats are also a factor. Susceptibility to phishing (50%) and the potential for ransomware attacks (49%) were also ranked high as top challenges to authentication.Last but certainly not least, our survey found that reducing user friction and lowering administration costs are also key considerations, and among the biggest authentication challenges were:
- end user friction (reported by 42%)
- high level of effort for administrators (reported by 45%)
- end users bypassing security controls (reported by 50%)
So where do we go from here? Our recent report with PeerSpot revealed insights and strategies from the frontlines:Think holistically and address authentication in an integrated manner, as it eliminates gaps and inconsistences that can be exploited by bad actors.Integrate and leverage the tools you’ve got. Don’t rip-and-replace what is already working. A better alternative is to create a strategy that fortifies existing investments instead.Automate what you can to help reduce the administrative burden of authentication, which can strain IT resources. Strategies that streamline common processes like addressing expired certificates or resetting access deliver real and opportunity cost savings.Perhaps most importantly, balance security with usability. If you’re not taking steps to reduce end user friction, those end users (your employees, partners and others) are likely to find a way to circumvent the cybersecurity practices you have in place and ultimately put your organization at greater risk.