70% of UK businesses implement multi-factor authentication for remote worker security

Multi-factor authentication is an authentication method in which a computer user is granted access only after successfully presenting two or more known identity confirmations (such as a password and a code sent to their known phone number, a hardware key and biometric confirmation like a fingerprint scan, etc). A VPN, on the other hand, extends a private network across a public network, thereby allowing Internet users to protect their location and remain anonymous.

Collected by independent polling company Censuswide on behalf of Centrify, the data was obtained via a survey of 200 senior business decision-makers in large and medium-sized UK companies. 46% of those surveyed have already noted an increase in phishing attacks since implementing a policy of widespread remote working.

Despite recognising a need for more cyber security vigilance in the face of increased opportunistic threats, the poll also revealed that 43% of individuals believe the increased cyber security protocols for remote workers will have a negative impact on workplace productivity. Similarly, almost half (49%) of the individuals questioned stated that they prefer to remove extra authentication steps for basic apps and data in the workplace as they feel it adds unnecessary time to procedures.

As a potential alternative or middle ground, 60% of business decision-makers support biometric data – such as fingerprint or facial recognition identification factors supported by the FIDO2 specification for password-less authentication – as a suitable replacement for more time-intensive multi-factor authentication to increase productivity. Furthermore, two-thirds (66%) agree that they would feel more secure using fingerprint or facial recognition ID as opposed to a traditional password.

“It’s clear that businesses recognise the risks posed by increased remote working during this difficult time,” urged Andy Heather, vice-president at Centrify, “with the majority opting for multi-factor authentication solutions to verify every user and protect company data. What’s troubling is the other 30% who are not using multi-factor authentication, which is recognised as a security Best Practice. Every organisation wants to ensure productivity for remote workers, but it cannot come at the expense of proper security. They need to weigh the risks they are facing with these heightened threats very carefully and take any and all measures available to ensure access is granted only to authentic users.”

Heather added: “This is particularly important for privileged access by IT administrators, many of whom are outsourced third parties with broad entitlements and less restrictive controls. It’s worth requiring the extra few seconds for these users to properly authenticate their identities. As our polling data indicates, many organisations are looking at more modern factors of authentication such as biometrics that can both increase security and productivity.”