There’s Never Been A Greater Need For Easy Security Technology

Two Factor Authentication

Research from the ICS – the Irish Computer Society – found that almost 58 per cent of the data breaches were caused by staff. The human element is the most overlooked aspect of many organisation’s security defences.

The problem facing most organisations is that many members of staff – especially those in the lower grades – simply want to do their job as efficiently as possible and so please their customers – and bosses.

The problem here is that those same members of staff are often unaware of the technology can make their jobs a lot easier, especially when it comes to IT security issues. This is clearly shown by the ICS research, which found that – where an employee had precipitated a data breach – it was largely a result of internal failures and a lack of awareness.

It’s also interesting to note that 28 per cent of professionals saw the greatest threat to their data as coming from negligent employees. But how do you motivate members of staff – who often have other issues to worry about – to use technology to reduce the risk of the company’s data going walkabout? The solution, I believe, is to use the available technology more wisely.

Instead of having staff use cumbersome and complex security technology – such as a hardware token – to make their computer access more secure, employers need to use technology that employees are very comfortable with. And the technology that most employees are comfortable with, he says, is the mobile phone that almost everyone has in their pocket or purse.

If you can get staff to use their mobile as an authentication device – something called tokenless two-factor authentication – then it will become second nature to the employee, as it’s a simply lot more convenient to use than a hardware token.

The Irish Computer Society research – which took in responses from 300 IT professionals ahead of the Society’s annual data protection conference on the 9th of February – found that clear security policies and procedures are the key to developing a successful set of data defences.

With the research showing that over half of the respondents to the survey expressed a belief that formal training and awareness programmes should be conducted on a regular basis to educate staff on IT security issue, it really comes down to making the technology involved as easy as possible for employees to use on a day-to-day basis.

And it’s for this reason that I recommend the use of mobiles as a means of tokenless two factor authentication to achieve higher levels of security when accessing data in the workplace. If you make the technology easier to use, you can achieve stakeholder security buy-in a lot more easily.

Steven Watts brings 25 years’ of industry experience to his role at the helm of Sales & Marketing for SecurEnvoy. He founded the company with Andrew Kemshall in 2003 and still works tirelessly to grow the company in new and established markets. His particular value is market and partner strategy; having assisted in the development and design of the products, designed the pricing strategy and recurring revenue model that has been so key to the businesses growth and success. Before starting SecurEnvoy, Steven was responsible for setting up nonstop IT, the UK’s first IT security reseller in 1994. Prior to setting out on his own, Steven worked as Sales Director at the networking and IT division of Comtec, and had started his career in office solution sales in 1986.