While there are multiple security solutions available, most enterprises still rely on password-based credentials as their primary line of defence against data attacks.
According to Verizon Data Breach Investigations Report (DBIR) in 2022, over 80% of hacking breaches were the result of stolen or weak passwords. Instead of introducing more complex passwords, the better alternative is to eliminate them altogether in favour of a more secure system.
Organisation C use case
Organisation C wants to reduce their attack footprint and tighten up security in the wake of several data breaches in their industry. They handle a lot of customer data and are keen to ensure they stay compliant with the current UAE Data protection law.
They are planning to introduce passwordless security which relies on the users having physical tokens, which could be users’ smartphones or secure key. Once implemented, to authenticate to the network, application or cloud service the user will receive a push notification on their phone and they can complete the multi-factor passwordless authentication via biometrics, like fingerprint or facial recognition. This secure multi-layer authentication is completed without the use of any passwords dramatically reducing the attack footprint.