Why a consumer approach to security – with cloud in mind – may help struggling enterprises

Are Amazon and Facebook the standard bearers when it comes to security? According to the latest identity and access management (IAM) study from Gemalto, more than half of respondents say their organisation’s work authentication methods are worse than those offered by the two tech giants.

The study, which polled more than 1,000 IT decision makers globally, found that the continued rise in cloud applications, as well as the similarly shopworn story around device proliferation, means enterprises are considering consumer approaches to security. Seven in 10 respondents said authentication methods applied in consumer-land can be applied to secure access to enterprise resources, while two thirds (64%) are considering implementing consumer-grade access to cloud services for employees.

61% of those polled said they were still not implementing two-factor authentication to allow access to their network, with concerns evident around organisations’ – and employees’ – security postures.

Yet the report also assesses how cloud-based approaches can help organisations. 62% of those polled said cloud access management tools can help simplify the login process for users, while almost three quarters (72%) said they were considering cloud management in order to reduce the threat of large scale breaches.

While the overwhelming majority (94%) of those polled said cloud access management was key in adopting cloud applications, getting things right first time remains important. Nine in 10 respondents said ineffective cloud access management can lead to issues for their company, with more than half (52%) specifically saying security and 39% adding IT staff’s time would be used less efficiently.

“These findings clearly show that IT managers are struggling to balance the need for a simple and easy login experience with security,” said Francois Lasnier, Gemalto SVP identity and access management. “While there is a need to make things easier for employees, there is a fine line to be walked.

“IT and business line managers would do best to figure out the risks and sensitivities associated with the various applications used in their organisations and then use access management policies to manage risk and apply the appropriate authentication method,” added Lasnier. “In this way, they can ensure a convenient login experience for their users, while still maintaining access security.”

You can read the full report here (email required).