Employees want ‘same access to cloud apps as consumers’

Employees want ‘same access to cloud apps as consumers’ [Image: oatawa via iStock]

Almost two-thirds (64 per cent) of IT leaders have admitted that their security teams are considering implementing consumer-grade access to cloud services for employees.

This is according to new research by digital security firm Gemalto.

According to the survey of more than 1,000 IT decision-makers, this is down to the proliferation of cloud applications and use of a wide range of different devices within businesses.

The 2018 Identity and Access Management Index also revealed that the majority (54 per cent) do not think that the authentication methods they implement in their businesses are as strong as those found on popular sites such as Amazon and Facebook.

Gemalto said that a growing number of cloud apps in use, more employees working remotely and pressure mounting to make authentication stronger while ensuring ease of use is causing IT decision-makers to want to 'consumerise' the login process.

The survey found that 70 per cent of IT professionals believe that authentication methods applied in the consumer world can be applied to secure access for enterprises.

Despite this, however, 92 per cent of IT leaders expressed concern about their employees reusing personal credentials for work. In addition, 61 per cent admitted that they are still not implementing two-factor authentication to allow access to their network, which potentially leaves them vulnerable to cyber criminals.

Francois Lasnier, senior vice-president of identity and access management at Gemalto, said: “These findings clearly show that IT managers are struggling to balance the need for a simple and easy login experience with security. While there is a need to make things easier for employees, there is a fine line to be walked.”

He added that it would be a good idea for IT and business line managers to establish the risks and sensitivities associated with various applications their organisations use. Mr Lasnier explained that these businesses should then use access management policies to manage risk and apply the appropriate authentication method.