Strong authentication is too complex, expensive and difficult to use say UK IT decision makers

Almost 6 in 10 IT decision makers in the UK think that secure access control solutions such as two-factor authentication are too complex and difficult to use. More than half say that they are too expensive, and almost 20 per cent believe that there are no convincing technologies on the market, thus preventing them from putting secure authentication and data access control solutions in place.

These are the findings from a survey amongst senior IT decision makers that was carried out by technology market research company Vanson Bourne.

More than half of the IT decision makers surveyed had doubts about whether their current policies, security solutions and systems adequately protected company data, saying that they believed their data was protected only ‘to a degree’. Only 6 per cent had total faith in their data protection measures.

When asked what would be the biggest factor in protecting their company from data breaches, 36 per cent selected strong authentication for every employee as the most important factor. A smaller number of respondents (32 per cent) said they thought educating employees to act responsibly was key. 7 per cent voted for banning remote data access completely.

Since the beginning of the year, there has been news of severe data breaches on an almost weekly basis. Everyone agrees that passwords are no longer enough to protect sensitive data in a digital age. But most of the strong authentication solutions out there are too complicated and costly to implement and manage. You really need something that’s as cheap and simple to use as the traditional password, but at the same time much more secure.

Any authentication solution that requires you to carry hardware tokens, or to have passcodes sent to your mobile phone while you’re trying to access a service on your computer just makes the log-in process more cumbersome.

Pattern Based Authentication generates secure one-time passcodes without additional tokens, and is even more intuitive to use than passwords as it plays to the strength of the human brain to remember patterns rather than strings of letters and numbers. Dealing with passwords costs UK firms £36bn a week so it’s a great bonus to have a safe solution that makes the process easier at the same time.

Of the CIOs, CSOs and IT managers surveyed, only a third (34 per cent) said they trusted their employees ‘a lot’ or ‘completely’ to do their best to protect the company against cyber threats. Almost two thirds answered ‘to a degree’ and 3 in 100 respondents even said they didn’t trust their employees at all to act responsibly.

Employees exposing their passwords by writing them down, choosing unsafe passwords or sharing them with colleagues was the second biggest concern of the CIOs surveyed, surpassed only by the risk of employees leaving confidential paper documents in public places.

The survey was conducted by Vanson Bourne in March 2011. Vanson Bourne interviewed 100 senior IT decision makers within large commercial companies with more than 1000 employees.

SHARETweet about this on TwitterShare on LinkedInShare on FacebookShare on Google+Pin on PinterestDigg thisShare on RedditShare on TumblrShare on StumbleUponEmail this to someone

Stephen Howes is an experienced IT director with a background in software engineering and has over 20 years experience designing and developing software for a variety of highly regulated markets. In 1996 Steve joined one of the UK’s first ISPs, Unipalm Pipex (later UUNET), becoming the Director of Global Product Engineering and Infrastructure Systems. As part of this role, he was at the forefront of developing internet infrastructure for over 65 countries, delivering core infrastructure systems to ISPs, multinational companies and Governments. Steve later moved on to become Managing Director of Tesseration, the IT Consultancy and software Development company, before going on to co-invent GrIDsure and become the company’s CEO.