If your company is like most, then the year 2020 threw you some real unexpected curveballs and you’re still trying to recover. From offices closing and production shutting down, to implementing remote work policies and procedures, 2020 brought huge and sudden changes to businesses, worldwide. Not all the changes were negative ones. In fact, employers and employees alike are generally pleased with the new standard of remote work. Employees are happy to work from home or other remote locations and companies are benefiting from lower overhead costs. However, this scenario has presented businesses with some new and pressing challenges in the way of cybersecurity.
Unfortunately, most businesses were simply unprepared for the sudden shift to remote work, and IT departments were not only overwhelmed but ill-equipped to handle the realities of a remote workforce. With 56% of employees using personal, rather than company devices, and working from home networks with unsecured or unstable WiFi, cybersecurity was bound to become a huge issue. On top of that, the legacy systems that companies relied on for in-house connections were not built to handle the large number of remote connections suddenly thrust upon them. All of this made fertile ground for cyber criminals to glean information.
The FBI reports that cybercrime rose by 300% in early 2020. Targeted attacks on remote employees rose by 5x within the first 6 weeks of lockdown, and this led to 20% of businesses suffering a cybersecurity breach which could be linked back to their remote employees. Sixty percent of companies have attempted to combat security risks with the implementation of multi-factor authorization, but this kind of security just isn’t cutting it.
Multi-factor authorization (MFA) is almost a great solution, but having a combination of passwords and other authentication methods still leaves too many gaps; largely due to users reusing their credentials for multiple applications. Although an MFA can prevent 95% of bulk phishing attacks and over 75% of targeted attacks, they can’t prevent users from using poor judgment in login creations. In fact, 63% of data breaches exploit weak and reused credentials, and in 2020, 500,000 Zoom accounts were compromised by credential stuffing (using credentials collected during previous attacks.)
The real solution to this problem lies with the complete elimination of passwords. Beyond Identity is a security system that replaces passwords with biometrics and cryptography. Its risk-based authentication checks every user and every device for risk signals, and the frictionless login means that there are no out-of-band messages for hackers to intercept.
In order for IT departments to meet the new demands of remote connections, passwordless security is a no-brainer.