Increase SSO security by going passwordless
27 October 2020

The acceleration of digital transformation initiatives to support the remote workforce has, in turn, sped up the development of cloud-based applications. An average employee uses 36 cloud services at work according to McAfee, and accessing those applications requires multiple passwords – opening risks of data loss and unauthorized network access if those passwords are compromised.

All of those passwords create vulnerability for enterprises. Cybercrime is growing at an alarming rate. In fact, Cybercrime Ventures predicts that cybercrime will cost $6 trillion annually by 2021 globally, when you add up lost, stolen, and damaged data, financial theft, and hits to productivity, intellectual property, business disruption, reputations, and more. Amongst different cybercrimes, 45% of breaches are a result of hacking credentials – typically passwords.

Enter Single Sign-On

IT professionals spend about 20% of their time on password-related issues, and 57% of enterprise users cite passwords as a major hassle. So it is no wonder organizations are turning to single sign-on (SSO) solutions to improve productivity with a frictionless single point of entry for multiple applications. Enterprise SSO usage has the potential to grow at 12.8% CAGR, becoming a $1 billion market by 2027.

The challenge is balancing that frictionless user experience with security. If your SSO authentication consists of a single password without multifactor authentication for multiple applications, you’ve made your users more productive, but multiplied your risk.

For enterprises that want to create a frictionless employee experience while increasing security, the best practice solution is to create conditions where you can eliminate passwords. Entrust offers a credential-based passwordless solution coupled with SSO for hybrid cloud and on-premises environments – replacing passwords with biometrics or tokens for fast, frictionless access. For additional security, enterprises can add authentication options like FIDO keys or use PKI-based high assurance credentials, while ensuring compliance with regional regulations like GDPR, HIPAA, and CCPA.

Original article from: Entrust

Post by: siteadmin
More Articles from Cloud Security | User Security
To VPN or Not to VPN?

To VPN or Not to VPN?

Over the past few years, VPN vulnerabilities have been in the spotlight and talked about everywhere. There is always some vulnerability being abused by opportunists and criminals, but VPNs still remain the majority solution of choice for remote...

read more