UK businesses are 'slow' to adopt multi-factor authentication

News
By published

Businesses admit their password security isn't up to scratch, but vendor says "talk is cheap"

Image of two-factor authentication in action

Password security within businesses is not evolving quickly enough, according to a new study, with nearly two-thirds of organisations admitting that they have still not implemented two-factor authentication.

An overwhelming number of UK companies are concerned that staff are re-using personal credentials for work accounts, raising the spectre of password re-use hacks, while 65% are uncomfortable with employees using their social media credentials to access corporate resources.

But 70% of 1,050 IT and business decision makers surveyed by Gemalto believe that consumer-grade authentication could be applied in the workplace, with over half of IT leaders saying that their own authentication methods suffer in comparison to those of Amazon and Facebook.

What is two-factor authentication? General Data Protection Regulation (GDPR) 68 million Dropbox credentials leak online Dropbox users may get free storage if they adopt stronger security

Gemalto's 2018 Authentication and Identity Management Index report found that adoption of two-factor authentication is increasing, with 76% of UK businesses expect to begin using a secondary identification check - such as a code sent to a mobile phone number - within two years, up from 66% in 2016. Just a third of staff are required to use it at the moment, according to Gemalto's report.

Joe Pindar, Gemalto's director of product strategy, said that many firms are simply failing to implement the necessary security tools to keep themselves safe from hackers.

"This is emphasised by the slow adoption of protection such as two-factor authentication - although adoption is increasing and the majority plan to introduce this within the next two years, talk is cheap and not enough is being done quickly enough," he claimed.

With GDPR just a few months away, organisations need to move faster to address any security risks in applications they use, he added, especially those with access to people's personal data.

"If they lack the expertise to do this, they must look to employ a third party to assist this process. Simply doing nothing is not an option for businesses any longer and actions speak louder than words," he said.

Picture: Bigstock

Rene Millman
Rene Millman

Rene Millman is a freelance writer and broadcaster who covers cybersecurity, AI, IoT, and the cloud. He also works as a contributing analyst at GigaOm and has previously worked as an analyst for Gartner covering the infrastructure market. He has made numerous television appearances to give his views and expertise on technology trends and companies that affect and shape our lives. You can follow Rene Millman on Twitter.

Male software developer using AI coding tools on a laptop computer while sitting at a desk with earphones on in an open-plan office environment.

Lenovo: Enterprises aren't ready to take advantage of AI productivity gains
Oracle

UK cloud infrastructure set for boost amid $5 billion Oracle investment
A CGI render of a warning symbol representing malware, sitting on an abstract computer surface. Decorative: the warning sign is glowing red and there is blue and yellow diffused light throughout.

What is an APT and how are they tracked?
See more latest
Most Popular
Male software developer using AI coding tools on a laptop computer while sitting at a desk with earphones on in an open-plan office environment.
Lenovo: Enterprises aren't ready to take advantage of AI productivity gains
Oracle
UK cloud infrastructure set for boost amid $5 billion Oracle investment
Cisco logo and branding pictured at the Mobile World Congress in Barcelona, 2023.
Cisco unveils new agentic AI tools to improve customer and employee experience
Thomas Kurian, CEO at Google Cloud, sat next to Demis Hassabis, CEO at Google DeepMind, Mark Read, CEO at WPP, and Allison Kirkby, CEO at BT Group, at the Gemini for the United Kingdom live event held at the Google DeepMind HQ in London.
Google Cloud announces UK data residency for agentic AI services
A hand on a keyboard in a dark room
Alleged LockBit developer extradited to the US
Github logo on a laptop computer arranged in the Brooklyn borough of New York, US, on Friday, March 31, 2023
Organizations urged to act fast after GitHub Action supply chain attack
Female job candidate with short hair participating in a video call interview while using AI tools on small tablet device out of view of the recruiter.
‘If you want to look like a flesh-bound chatbot, then by all means use an AI teleprompter’: Amazon banned candidates from using AI tools during interviews – here’s why you should never use them to secure a job
Jeremy Fleming, former head of GCHQ, onstage with Haider Pasha, chief security officer, EMEA & LATAM at Palo Alto Networks at Ignite London 2025.
Businesses must get better at sharing cyber information, urges former GCHQ chief
A Dell Inspiron 14 AI PC pictured inside a Best Buy store on Black Friday in Pinole.
AI PCs are becoming a no-brainer for IT decision makers
Wifi symbol, internet connection, business, global communication, mobile network, 5g, mobile phone
94% of Wi-Fi networks are vulnerable to deauthentication attacks