The impact of remote work throughout the COVID-19 pandemic has caused both security professionals and the average technology user to be more aware of security concerns and how to address them. The 2022 Thales Access Management Index, based on data from a survey of nearly 2,800 respondents in more than 15 countries across the globe, looks to identify the extent of that change, as well as the current state of access management and plans for access security across a range of industries. The insights in this report were gleaned from the survey data, and this report explores the impacts on identity and access management (IAM) security strategy and planning.
For brevity, we will define all forms of authentication stronger than a password as MFA for the remainder of this report.
Key Findings
- Overall, worldwide multi-factor authentication (MFA) deployments remained relatively unchanged, with pockets of strength and weakness.
- On the plus side, India, Singapore and the UAE revealed significant increases over the past year in terms of overall MFA adoption levels. Additionally, organizations have increased their use of MFA (those that involve using more than just a password), particularly for cloud and SaaS applications, but also for legacy, on-premises applications.
- On the negative side, the majority of firms still have less than 50% of employees using MFA methods and still rely on passwords to an alarming degree. The heaviest users of MFA, for example, remain remote and privileged employees.
- MFA is still the most widely deployed form of authentication technology (chosen by 56% of global respondents), ahead of the increasingly popular passwordless authentication (48%).
- Pandemic impacts have lowered concerns about remote working as work-from-home strategies have become more common. Virtual private networks (VPNs) continue to lead the way as the primary method for employees to access applications remotely. The planned use of zero-trust network access (ZTNA) and software-defined perimeter (SDP) fell slightly, though nearly half of respondents plan to keep their existing VPNs while adding new technology such as ZTNA.