Although VPN services enable colleagues to send and receive data privately, the Microsoft Intelligent Security Association contends that more changes need to be made to the way we navigate the digital workforce in the future.
In a recent blog post titled, A breakthrough year for passwordless technology the agency revealed that 80% of cyber attacks target passwords specifically.
“As 2020 draws to a close, most of us are looking forward to putting this year in the rearview mirror. Since we depend even more on getting online for everything in our lives, we’re more than ready to be done with passwords. Passwords are a hassle to use, and they present security risks for users and organizations of all sizes, with an average of one in every 250 corporate accounts compromised each month. According to the Gartner Group, 20 to 50 percent of all help desk calls are for password resets. The World Economic Forum (WEF) estimates that cybercrime costs the global economy $2.9 million every minute,” the authors wrote.
So what’s the alternative look like? Well, the research team went on to highlight several potential solutions.
The first is biometrics. Biometrics are sequences designed to provide identification, authorization, and access to private systems.
Back in November of last year, Microsoft Ignite reported that more than 100 million users subscribed to their passwordless sign-in each month.
This number jumped up to 150 million by May of 2020, and the use of biometrics to access work accounts is nearly doubled during that same window.
“We’ve drawn strength from our customers’ determination this year and are set to make passwordless access a reality for all our customers in 2021,” the authors continued.
Below are the four programs indexed in the blog studied to keep work data safe and secure during remote operations.
Yubico created the passwordless YubiKey hardware to help businesses achieve the highest level of security at scale.
HID Global engineered the HID Crescendo family of FIDO-enabled smart cards and USB keys to streamline access for IT and physical workspaces—enabling passwordless authentication anywhere.
TrustKey provides FIDO2 hardware and software solutions for enterprises who want to deploy passwordless authentication with Azure Active Directory because: “Users often find innovative ways to circumvent difficult policies,” comments Andrew Jun, VP of Product Development at TrustKey, “which inadvertently creates security holes.”
AuthenTrend applied fingerprint-authentication technology to the FIDO2 security key and aspires to replace all passwords with biometrics to help people take back ownership of their credentials.
Even with a vaccine and a flattened coronavirus growth curve, many companies intend to maintain some remote operations for the foreseeable future.
If the labor market is going to migrate safely into digital terrain, security protolcs need to adapt in kind.
“Our team has been working hard this year to join these partners in making passwords a thing of the past. Along with new UX and APIs for managing FIDO2 security keys enabling customers to develop custom solutions and tools, we plan to release a converged registration portal in 2021, where all users can seamlessly manage passwordless credentials via the My Apps portal,” theblog concludes.