Addressing the Top 4 Reasons for Hesitation
Studies have shown an increased appetite among consumers for multi-factor authentication, including biometrics as a replacement for the username and password login method, and evidence is clear that credential-based login poses the number one threat for security breaches. Experts and tech writers have been saying that we need to “break up with the password.”… Yet, companies are still reluctant to modernize access with Passwordless solutions that have proven to be far more secure and simpler to deploy and use.
So, why the reluctance to go Passwordless, despite the evidence?
Our poll asked that question of a group of cyber security professionals. While most respondents were clear in the comments section that they were considering MFA solutions for their companies or customers, their reluctance had kept them from making the switch.
Let’s go through the results and address the perceived challenges one by one.
1. Change is too difficult: 33%
The perception that switching to Passwordless is difficult is understandable, especially the larger the company. Often companies have systems in place that rely on a username and password for access, and the thought of changing from these complex systems can be daunting.
The reality? Deployment of a true MFA-inherent passwordless solution can be crazy fast and super simple – up and running in a matter of minutes – to less than a day – completely bypassing legacy systems and requiring no credentials at all.
Let’s take a look at how TraitWare’s passwordless MFA solution works, as an example.
Step 1: Provide access to TraitWare for the applications you want to go Passwordless
Step 2: Distribute individual access codes via message to each end user
Step 3: Users install TraitWare mobile app
Step 4: Verify Identity via biometric authentication (fingerprint, etc.) on mobile device
Step 5: Scan QR code when prompted
… AND, YOU’RE IN.
TraitWare’s patented technology is able to look at traits that are unique to the way a user uses their mobile device. If there is any unusual activity, security measures are in place to prevent unwanted access.
2. Too expensive: 23%
A true MFA solution should actually SAVE you money.
By eliminating the number one threat of data breaches (which will cost companies upwards of 6 Trillion this year) and cutting 60% or more on access support costs (See TCO calculator), TraitWare is a fraction of the cost of most solutions, at $3/user/month, requiring no supplemental hardware, little to no additional IT support or maintenance costs, and no need for any additional identity access solutions.
3. I don’t trust modern technology: 25%
Trust is a tough one – especially as it relates to the security of your company. Trying something new can feel like jumping off a cliff into the dark unknown.
TraitWare undergoes ongoing rigorous independent 3rd party testing to verify the integrity and security of the product, and has been vetted by trusted organizations like Citrix.TraitWare is one of three solutions carrying the Citrix Ready certification. TraitWare guarantees greater security for your company by eliminating the possibility of credential theft through phishing attacks, shared information, and vulnerabilities inherent with legacy login. Now with remote work, with access to company resources from devices outside of the organization, the risk for security breaches is high, as incidences have shown.
The reality is that NOT modernizing access and authentication methods will pose greater risk for your company.
4. I don’t know the alternatives: 19%
MFA has been adopted by forward-thinking organizations for years, but the technology has come a long way since its beginning. TraitWare’s unique patented technology vastly simplifies and secures the process from onboarding to login, reducing friction for both IT and for the end user.
But, not all MFA solutions are created equal. It’s important to get answers to some questions while evaluating options.
a. Is the solution true MFA?
Many companies claim to provide multi-factor authentication solutions, but some are simply layering MFA on top of the username and password method. This poses another set of problems. You are still requiring legacy methods, which are inherently messy and what you were trying to get away from in the first place. Simply providing a Band-Aid fix doesn’t take away the pain of remembering passwords, nor the possibility of stolen credentials. Choose a truly Passwordless solution for greater security and a LOT less friction for all.
TraitWare was built from the ground up as an MFA-inherent, passwordless solution, and eliminates steps, rather than adding extra work for the user – taking away the stress and security threat of having to store multiple passwords.
Other companies provide MFA solutions that hook into other Identity Providers. While TraitWare can work with identity providers (Okta, etc.) as well, it is a stand-alone, fully plug-and-play IAM solution, requiring no additional identity provider, thus saving you cost. As long as your applications allow MFA, and are SAML or OpenID Connect (OIDC)-enabled, TraitWare can be easily integrated.
b. Is it Single Sign-on (SSO)?
SSO dramatically decreases friction for the user, keeping all company applications in one window.
While it may seem that having only one access point to multiple applications would come with greater security risk, many argue that it’s actually the opposite. With less attack surface and fewer instances of potential error, SSO can actually reduce risk. However, if customers choose, TraitWare offers both SSO and Siloed login to individual resources.
c. Is there software to install?
Ideally, the solution would not require IT support or complicated software for installation. Rather, it should simplify the login process.
TraitWare is easily deployed, as described above, using a mobile app on a mobile device.
d. Is there hardware to purchase?
Some solutions require a physical token or key to authenticate. TraitWare works with a mobile device the user already has. In this way, the user is tied to the login directly – doing away with shared credentials and devices that can be lost or left attached to a computer and easily used for access.
Many ask what happens if the user loses the device. With TraitWare, reset is a simple admin reset process and the user will be up in running again immediately.
For more information and answers to your questions about how you can take your company Passwordless, please reach out to us any time, visit us at www.traitware.com, or ask us for a quick demo. We’ll be glad to hear from you and excited to show you how easily you can take your company Passwordless!