Is ‘password only’ authentication secure enough?

With Identity and Access Management (IAM) being the framework for facilitating of access to various resources, security has become a paramount concern among the personnel that manage these identities and the environments in which they exist.

With each passing day, news organizations of the world report more stories regarding hacking and data security breaches, causing those in the industry of securing data to look harder at current security practices. But are the issues within or without of the organization?

A recent market survey from SecureAuth Corp. shows that 39% of the respondents’ organizations use password-only authentication to secure their data. At the same time, 62% of those surveyed stated that they feel the biggest threat to corporate security is their own employees. It would seem that despite the number of high-profile cyber-attacks that occurred within the last year which exploited compromised user credentials, companies are not taking the necessary steps to secure their data both from outside attacks and from within the organization.

Though nothing can be protected 100%, there are a number of things that can be done to secure data. With proper software implemented to allow for things like password complexity management, 2-factor authentication, biometrics, and single sign-on, the days of just a password (usually written on a sticky-note and stored on the end-user’s desk) to secure sensitive data, and user access to systems can be put behind us, and a more secure, digital environment can exist for companies.

How else can organizations secure their network?