infographic

New research carried out by Microsoft has revealed that Middle East enterprises still have some way to go to enhance their cybersecurity , with many still exclusively using usernames and passwords to log-in . Mohammed Arif , Regional Director , Modern Workplace and Security , Microsoft Gulf , says that organisations need to have an always-on and multifaceted approach to security .

More than four in five large GCC enterprises still rely solely on usernames and passwords for authentication to corporate networks , according to Microsoft ’ s Digital Transformation survey . The research , recently carried out by Microsoft , asked respondents from almost 1,000 GCC-based organisations a series of questions about their awareness of , and attitude to , digital transformation . Questions on security covered a range of areas , from data protection to authentication . The most striking finding was that , at a time when security professionals are recommending next-generation identity-management techniques such as facial recognition , biometric identification and two-factor authentication , and conditional access ( 2FA ), just over 80 % of large Gulf enterprises still use usernames and passwords as the exclusive means of log-in .

Only around 11 % used a 2FA SMS notification to support usernamepassword authentication . About 7 % reported using fingerprint-scanning and just under 1 % had adopted facial recognition . In fact , the precise proportion of large Gulf enterprises using facial recognition ( 0.74 %) was less than that for SMEs ( 1.08 %). The survey results also exposed a need for greater protection from unwanted emails , ranging from nuisance mail ( spam ) to more sinister communications ( such as phishing attempts ). More than half ( 51 %) of those reported a 10 % -or-higher proportion of unwanted emails in corporate inboxes . And 41 % admitted to having clicked on links within such emails that led to unwanted websites .

The survey also explored the extent to which large Gulf enterprises have classified their data . Data classification policies ( the separation of data files by varying degrees of sensitivity ) have long been considered by security professionals as a fundamental requirement in guaranteeing robust IP and privacy protections . However , just over 61 % of those surveyed said their organisation did not yet have a data classification solution in place .

“ The findings clearly show that many of the region ’ s enterprises have a long way to go to create secure environments for their customers , employees and their intellectual property ,” said Mohammed Arif , Regional Director , Modern Workplace and Security , Microsoft Gulf . “ Traditional security models have focused on layered perimeter defence and building ‘ better walls ’. Today , organisations need to have an always-on and multifaceted approach to security that constantly protects all endpoints , detects the early signs of a breach , and responds before that threat can cause damage . Modern cloud-based automated tools , including analytics based on machine learning and artificial intelligence , can help expedite response . For example , because of our scale , Microsoft can build an intelligent security graph that can be applied to protect all endpoints , detect attacks and accelerate responses . Cloud providers can afford to integrate their products into holistic , machine-learning-driven , security frameworks , covering perimeter , infrastructure and data , both at rest and in transit . Far from being more vulnerable in the cloud , enterprises of all scales and industries are safer there , where they can innovate and grow with peace of mind .” u

22 Issue 02 | www . intelligentciso . com