Missing authentication token leads to security breach for a quarter of firms

Four in five UK organizations have deployed hard ID tokens, but one-third of these organizations did not have an alternative method of authentication in place should the token be compromised, according to a survey of 100 senior IT decision makers at UK organizations with more than 1,000 employees. The survey was conducted by Vanson Bourne for identiy security specialist Entrust.

More than one-third of respondents said that it would take longer than a day to change their authentication type if a token were breached, with 15% reporting that it would take up to a month.

Recent high-profile data breaches have had an impact on the reputation of one-time-password tokens as a method of authentication. More than three quarters of respondents who were aware of the RSA data breach believed that it and similar breaches have undermined confidence in password tokens as an effective method of authentication.

The survey also revealed that lost hard tokens can show up in strange places. When asked about some of the strangest locations that they have heard of tokens being found, respondents cited restaurant tables, washing machines, lavatories, trains, and taxis as the most frequently cited, while one respondent had even heard of a token being found inside a car tire.

What’s Hot on Infosecurity Magazine?