National Strong Authentication Survey Shows Uptick in Adoption and Growing Synergy With Single Sign-on Solutions

Imprivata-Sponsored Survey Highlights Growing Adoption and Increasing Use of Various Modalities; Reveals Organizations Lack, Yet Desire, Centralized Management and Reporting

News Facts
RSA Conference 2009, San Francisco, CA, Booth 841, April 20, 2009, Imprivata®, Inc., the employee access management company, today announced the results of its “2009 Trends in Strong Authentication Survey.” The survey targeted executives across an array of industries including healthcare, financial services, state and local government agencies and others to understand how organizations are using technologies for secure authentication. Additionally, a free Webcast discussing the findings is now available for download on Imprivata.com

Survey Findings
Strong authentication and single sign-on (SSO) drive organizational cost-efficiencies, security and employee productivity
86 percent of respondents stated that strong authentication is part of their SSO identity management solution strategy. This pairing stems from the fact that companies must address growing security concerns, comply with industry and government regulations and empower employees to be more productive in resource-constrained economic times. By aligning these two technologies, businesses can give the employees one touch access to all the information while fully addressing their critical security issues.

Strong authentication is no longer being used exclusively for remote access
53 percent of respondents stated that they are currently using strong authentication only for remote access. With insider threats increasing in frequency and intensity, many businesses have left themselves susceptible to a security breach within the organization. Subsequently, 52 percent of respondents stated that they are or have plans to deploy more than one form of strong authentication in order to achieve 360 degree protection from all security threats in their organization, whether employees are accessing data locally or from a remote location.

Companies turn to broader variety of strong authentication options to stimulate user adoption into existing employee workflows
While respondents’ current strong authentication solutions of choice fall into two distinct groups, preferences are shifting toward a wider array of options. This shift is being driven by the ubiquitous nature and low cost of these devices as well as workflow and individual needs which demand a more convenient way for employees to perform their jobs while ensuring data is safe from a potential security breach. Supporting data points include:

  • When asked what forms of strong authentication they currently have in place, 46 percent of respondents stated facility access badge/proximity card while 43 percent responded OTP token.
  • When asked what forms of strong authentication they plan to use, or are investigating for future use, 41 percent of respondents stated fingerprint biometrics and 39 percent responded smartcards. Furthermore, only 28 percent answered OTP tokens, as compared to the 43 percent highlighted above.
  • 56 percent of respondents stated that they have considered re-using building access cards as strong authentication devices for Windows Logon.

Companies lack, but want, centralized management and reporting of multiple strong authentication modalities

  • While the deployment of multiple forms of strong authentication is on the rise, many businesses are unable to centrally manage all from one location without costly integration projects. This creates a highly inefficient process where security teams are forced to manage and track multiple systems or creates additional potential security risk by leaving these management tasks up to each individual end-user.
    • 86 percent stated that they currently do not have a way to centrally manage more than one form of strong authentication.
    • Additionally 24 percent of respondents stated that strong authentication management is left up to the end-user.
  • In addition, a significant number of respondents want to track strong authentication access events across their entire organization but according to the survey do not have the proper tools to help them do so at this time.
    • 32% of respondents stated that they would like a central audit log for all users and modes but can’t currently find a solution to help in this area.

 

    Links

    Quote attributed to Omar Hussain, President and CEO, Imprivata, Inc.
    “Insider threats are one of the biggest security challenges businesses face today, yet many companies have left themselves vulnerable by focusing much of their strong authentication efforts on only their remote workforce. What we see now is a shift with a growing number of organizations looking to better secure their systems by deploying multiple forms of strong authentication that work well within existing employee workflows. As this pattern continues, it will be critical that they harness the ability to centrally deploy, manage, alert and report on access events regardless of devices. Hundreds of Imprivata OneSign customers have enjoyed success on these fronts, enabling them to minimize data security risk and ensure end user productivity.”

    About Imprivata
    Imprivata secures employee access to desktops, networks, applications and transactions. Its appliance-based, employee access management platform, OneSign, enables organizations to protect enterprise information assets while improving user productivity. By strengthening user authentication, streamlining application access and simplifying compliance reporting across multiple computing environments, customers realize substantial IT Help Desk and administration cost savings, while achieving the security standards they demand.

    Imprivata is a recognized leader in Authentication and Access Management, receiving numerous product awards and top review ratings from leading industry publications and analysts. Headquartered in Lexington, Mass., Imprivata partners with over 200 resellers, and serves the access security needs of more than 800 customers around the world. For more information, please visit www.imprivata.com.

    Imprivata is a registered trademark of Imprivata, Inc. in the USA and other countries. All other product or company names mentioned are the property of their respective owners.
    RSS Feed to Imprivata News: http://feeds.feedburner.com/ImprivataNews