Survey Of IT, Authentication Pros Reveals Greater Insecurity

Malware and poor passwords ranked as greatest perceived threats, according to PhoneFactor

October 30, 2009

3 Min Read


Overland Park, Kansas, October 26, 2009 " Today's IT security and authentication professionals have less confidence and greater security concerns for their organizations than last year, according to a recent study by PhoneFactor. The company, a leading global provider of two-factor out-of-band security services, surveyed more than 250 information technology professionals regarding threats, authentication and possible solutions to today's security issues.

"The survey results were clear " organizations need heightened security now, more than ever," said Steve Dispensa, Chief Technology Officer and Co-Founder, PhoneFactor. "The rapid rise in malware and cyber attacks, insecurity of username and password identification and users' disdain for one-time-passcode (OTP) tokens, make out-of-band authentication a great solution for companies looking to increase security without building adoption barriers, such as price or difficulty of use."

Key findings in PhoneFactor's landmark study include:

  • Nearly one-third of responds felt malware installed on PCs posed the greatest external threat to their company's IT security in the next 12 months. Another 16.60 percent indicated that malware on mobile devices presented the greatest threat. Together, 57.60 percent of respondents felt malware (on PCs or mobile devices) was the greatest data security threat today. Poor password policies ranked second at 27.67 percent.

    • Nearly three-fourths (72.08 percent) of respondents don't believe a username and password are adequate to protect access to corporate data.

    • Nearly two-thirds of companies ranked IT security "high" on their priority list, a 15.56 percent increase over the previous year's survey.

    • Only 35 percent of respondents feel their company's current authentication system is "very" or "extremely" secure " a 16.62 percent decrease from last year. As security threats continue to increase, this inversely related danger-to-confidence relationship poses a huge threat to many businesses and consumers.

    • One in four (25 percent) respondents reported that their company's network or data had been compromised, up from one in five (20 percent), from last year.

    • More than half (57.36 percent) of respondents believe users would prefer to carry a cell phone over other two-factor authentication devices, including a security token or fob, a USB token or fob, a grid card, or a smart card. In fact, the majority of respondents " 70.31 percent " agreed with Wired's statement that security tokens are a "top 10 worst gadget ever."

    • More than two-thirds of respondents feel that their employer is either "extremely" or "very" responsible for protecting their personal or financial information. That number increases to more than 75 percent when asked about giving outside companies access to personal information as general consumers. In fact, a whopping 51.50 percent reported they feel businesses are "extremely" responsible for protecting their personal information.

      By combining out-of-band authentication with real-time fraud alerts, PhoneFactor offers the strongest level of security for protecting employee and customer access " and is more cost efficient and easier to implement than other two-factor authentication methods. The PhoneFactor platform utilizes the telephone network for the second factor of authentication, which ensures protection against keystroke loggers and man-in-the-middle attacks, a primary concern of many respondents. PhoneFactor can be used to strongly authenticate any user login or to verify specific high-risk transactions, such as wire transfers, so even if the user's authenticated session has been hijacked by malware running on their computer, their account is still protected.

      For more information about PhoneFactor's unique two-factor out-of-band authentication platform visit

      About PhoneFactor

      PhoneFactor is an award-winning two-factor authentication service that uses any phone as a second form of authentication. Its out-of-band architecture and real-time fraud alerts provide strong security for enterprise and consumer applications. PhoneFactor is easy and cost effective to set up and deploy to large numbers of geographically diverse users. PhoneFactor was recently named to the Bank Technology News FutureNow list of the top 10 technology innovators securing the banking industry today. PhoneFactor was recently named to the Bank Technology News FutureNow list and has been awarded an eWEEK Analysts Choice Award in addition to being recognized by numerous analysts and industry leaders.


      Brittney Cochran Pierpont Communications, Inc. (713) 627-2223 x1122 [email protected]

Keep up with the latest cybersecurity threats, newly discovered vulnerabilities, data breach information, and emerging trends. Delivered daily or weekly right to your email inbox.

You May Also Like

More Insights