Content, Content

Axiad Research: Identity Authentication Hampered by Complexity, Multiple Solutions

Social Networking or distancing concept

Solution complexity is throwing shade on the growth of authentication practices, according to a new survey from Axiad, a passwordless orchestration specialist.

The Santa Clara, California-based firm went so far as to say that executives have “their hands full” in managing authentication practices — what Axiad calls a “foundational element of most cybersecurity strategies” worldwide.

Study Identifies Authentication Challenges

In its study of more than 250 security and IT executives in U.S. organizations of at least 2,500 employees, respondents pointed to several internal challenges that prevent them from addressing authentication in a systematic fashion across the organization, including:

  • The variety of identity types to protect
  • Numerous authentication methods used internally
  • Varied operating systems in use
  • Existing investments in identity and access management that are often not interoperable

According to the survey, 70% of security and IT professionals are overwhelmed by significant complexity related to authentication, the company said.

Additional findings from the research include:

  • 70% of respondents have 3 or more IAM ecosystems in use; 52% have 4 or more.
  • 83% said they have both Windows and MacOS operating systems in place; almost half (46%) said they must authenticate against Linux as well.
  • 89% use three or more authentication methods. The most popular are software one-time passwords (OTP), passwords and mobile push authentication; 60% use more than 5.
  • 79% of respondents said it’s critical to secure people; 68% said machines are critical.

External Factors Create Complexity

Security and IT professionals are also challenged by external factors such as regulatory requirements, which impact how an organization must authenticate and vary widely according to vertical markets, international standards and the public sector. More than half of the organizations surveyed (54%) must comply with four or more regulatory requirements, and 38% must comply with 5 or more, the study showed.

Bassam Al-Khalidi, Axiad co-chief executive and co-founder, added perspective to the survey results:

“Organizations today are grappling with a complex mix of systems and requirements, resulting in a siloed approach to authentication. We are seeing the negative repercussions of these fragmented strategies play out on the front pages right now, as cyber attackers are exploiting organizations that aren’t systematic in the way they validate a user (or machine) is who they say they are."

D. Howard Kass

D. Howard Kass is a contributing editor to MSSP Alert. He brings a career in journalism and market research to the role. He has served as CRN News Editor, Dataquest Channel Analyst, and West Coast Senior Contributing Editor at Channelnomics. As the CEO of The Viewpoint Group, he led groundbreaking market research.