Poor authentication security is the leading cause of data breaches in Singapore, Hong Kong, Malaysia and Indonesia, accounting for 76% of compromised records, according to a survey published by eGov Innovation.
Most organizations rely solely on a weak password-based authentication, but plan to upgrade to more secure authentication systems. 75% of organizations use only passwords for authentication but, within this group, 63% indicated plans to adopt either strong authentication mechanisms (PKI, OTP, biometrics and contextual) or software-based authentication, the study shows.
CIOs’ and CSOs’ answers show organizations are reluctant to implement new authentication mechanisms due to the complexity of integrating multiple systems and vendors, rather than concerns over budget or user acceptance. Application integration complexity to support multiple authentication systems (51%), multiple administration interfaces for each authentication vendor (30%), application integration complexity to support multiple authentication vendors (28%) and multiple vendor-specific authentication servers (19%) are among the significant barriers to organizations deploying new authentication mechanisms.
The adoption of strong authentication mechanisms is on the rise. Although only 25% of organizations currently use strong authentication mechanisms (OTP, PKI, Biometrics and Contextual), 40% have indicated plans to implement them.
Organization are undergoing significant efforts to educate employees about security, identity and authentication. 93% of organizations surveyed used seminars, material dissemination, orientation sessions or awareness campaigns to educate staff on good security practices. Yet companies often fail to find the right balance between security and user experience. As a result, security becomes an annoying antagonist that diminishes both enthusiasm and productivity and makes working remotely difficult. Read more about how security impacts productivity.
eGov Innovation surveyed 112 IT managers, CIOs, CSOs and system engineers, security managers and other senior executives from Singapore, Hong Kong, Malaysia and Indonesia.