In the course of the pandemic, companies have become more security-conscious and have invested heavily in Zero Trust. In fact, 82% of companies in Europe are increasing their budgets in favor of a zero trust security model, according to a new study by Okta. The “State of Zero Trust Security 2021” report asked more than 600 security experts around the world about their initiatives. The results show that the increased prevalence of home office and remote work has changed the perception of IT managers in organizations and companies with regard to zero trust, with financial service providers, healthcare organizations and the software industry making the greatest advances. “Zero Trust” is a security concept in which no user, device or service is trusted within or outside of one’s own network. Every single access must be verified in order to gain access to the network.
More than three quarters (78%) of companies worldwide said the priority of Zero Trust has increased. 90% are currently working on a zero trust initiative or planning to do so in the next 12-18 months – compared to just 41% a year ago. In 2019, Zero Trust was a priority for only 18% of European companies. Today, two years later, European companies are the most advanced in the world in adopting zero trust concepts. 90% have either fully implemented a corresponding strategy or plan to do so in the coming months.
At a time when budget cuts are rampant, it underscores the importance of zero trust as a security measure.
One of the biggest challenges for European companies when introducing a zero trust infrastructure is
- Concerns about cost (26%)
- Technological gaps (22%)
- Acceptance of interest groups (19%)
- Awareness of solutions (15%)
“The Okta study comes at a time when cybersecurity is one of the greatest challenges facing companies. The pandemic has exacerbated the IT threat landscape, ”said Ben King, Chief Security Officer, EMEA at Okta. “To prevent companies from becoming the next victim of a data breach or cyber attack, they are moving towards a more robust and comprehensive security strategy based on the zero trust principle of ‘never trust, always check’. Companies need to recognize that people are the new perimeter. Therefore, they should introduce strong authentication across all services – anytime and anywhere, on site in the office, in the cloud or mobile, for employees as well as for customers, partners, contractors and suppliers. “
The most widely used security factors: Biometrics on the rise
The Okta study also shows that companies still use untrustworthy factors for authentication. The majority still rely on passwords (95%) and security questions (68%). Compared to the rest of the world, however, sophisticated security factors such as biometrics, one-time hardware passwords (OTPs) and push notifications are more widespread in Europe. 56% of companies in Europe are already using biometric technologies, compared to 43% in other countries.
Biometrics is on the advance worldwide: 45% of companies and more than 50% of financial service providers and software companies use biometric processes as a factor with a high level of security.
“The goodbye to passwords won’t happen overnight, but companies can start introducing contextual factors to simplify authentication processes,” commented Ben King. “By using passwordless technologies such as biometrics and contextual factors, you can increase security and combat data breaches more effectively.”