Organizations around the world – including Canada – are increasingly adopting multifactor authentication (MFA) to improve their cyber security posture, A new report from Cisco Systems gives suggestions.
The numbers, which come from an analysis of usage of Cisco’s Duo MFA platform, show authentication via Duo grew by about 15 percent this year compared to 2021 in the US, about 24 percent in the UK, and about 25 percent in Canada . ,
“We have moved far beyond discussions of password complexity, where investing in multi-factor authentication (MFA) and passwordless technology is an inevitable cost of doing business,” Cisco concluded in a report analyzing the data.
In an interview, Dave Lewis, global consultant chief information security officer (CISO) at Cisco Canada, noted that there was a 50 Percent Growth Percent of accounts allowed passwordless WebAuthn Authentication Among Duo users, the share of One five fold increase WebAuthn in use since April 2019,
“It’s a great thing to see because it [WebAuthn] Passwordless is a core piece of technology.”
On the other hand, he was disappointed that bisometrics on smartphone For login between Duo users”have kind of stabilized, at 81 percent. He suspects it’s because in the first years of the pandemic – 2020 and 2021 – IT leaders rushed to get employees working from home online without ever taking security into account Procedures in the account.
Iproof of this is rEmote access authentication on Duo peaked in 2020, but has since declined, falling below pre-pandemic levels.
,I,i am very optimistic that next year when we run through data we’ll see the numbers go upD,” Lewis Told.
Data was analyzed from over 13 billion authentications on Duo, from over 49 million devices worldwide, between June 1, 2021 and May 31, 2022.
Among other findings:
Less than 1 percent of organizations using Duo explicitly disallow or allow location policies. However, of those enterprises that deny geographic locations, they block Russia or China 91 percent of the time. Sixty-three percent block both countries;
– The percentage of login authentication failures attributed to devices with legacy apps increased by nearly 52 percent between 2021 and 2022, despite the fact that the percentage of Duo users with policies governing legacy devices decreased by 7.1 percent.
Users in the education sector again had the highest number of older browsers on their devices (56.7 percent), followed by healthcare (52.3 percent), retail/catering/leisure (46.3 percent), legal (45.4 percent) , and travel/transportation (44 percent).
The report states, “Security debt built into organizations will continue to provide targets of opportunity to adversaries.” “Companies need to hone their craft and focus better on access control and dealing with deprecated systems that may continue to operate in their environments long past their life expectancy. Patching has been adopted by security practitioners over the years. has been much maligned – not because it shouldn’t be done, but because no one ever wants to do it. As a result, issues emerge with long-published vulnerabilities that really need to be addressed in modern enterprises. Shouldn’t be affected in any way. Still, they wait on the wire.
“Utilizing multi-factor authentication and/or a passwordless authentication model is essential for the modern business enterprise.”