MUHAMMAD we look at enterprise applications for example , the platforms we rely on to do our jobs every day , they all require passwords and often don ’ t allow other types of protection . This is either because they are legacy technologies that can ’ t be updated or simply haven ’ t been built with authentication protection methods in mind . We also cannot dismiss the cost element that would be required to switch to other systems or add in additional security measures , which is not small .

Moving away from passwords isn ’ t a simple journey . It will require a lot of groundwork to migrate away from them as the main mechanism . If we take a step back and think of all the applications that we would need to update – the configurations required by IT departments , the work to make all of these new platforms integrated with one another – we start to see why this is a journey , not a simple switch .

There is also a human element to this . For IT professionals , there is the fear of the unknown . With passwords we feel very much in control , whereas with anything new there is a higher margin

YAHYA PATEL , LEAD SECURITY ENGINEER , CHECK POINT SOFTWARE

for error . Very much like the mass move to cloud services , there was an initial reluctance before the pandemic which forced many to adopt this new technology . With passwords , there is still hesitation about moving towards a passwordless environment and there isn ’ t a specific motive to challenge this .

Then , from an end-user perspective , breaking human habits is not easy . We know passwords , we all rely on the same combinations even though we know we shouldn ’ t , we understand them . To adopt something new is going to need a big campaign . This would include educating people on the impact this would have on businesses , informing them on how the rollout is going to happen and if there will be any disruptions to everyday operations . These are all things IT professionals will be considering before recommending any changes .

Despite these obstacles , having this conversation is so important to raise awareness . Only recently IBM published a report that found that the use of stolen or compromised credentials remains the most common cause of a data breach , with it being the primary attack vector in 19 % of breaches , so it ’ s clear there ’ s a need for an alternative approach . There is a lot of work to be done but it ’ s pivotal we keep pushing for better cybersecurity hygiene practices . www . intelligentciso . com

29