Duo Security at Cisco has provided yet more evidence of people’s changing authentication habits during the COVID-19 pandemic. The findings come in the company’s 2020 Duo Trusted Access Report, which analyzed 26 million devices and 700 million authentication events.
In the broad strokes, Duo found that COVID-19 has accelerated the corporate transition to the cloud. That, in turn, has forced the overwhelming majority (96 percent) of organizations to update their cybersecurity policies to protect themselves in the new environment, with more than half implementing some form of multi-factor authentication.
Both trends reflect the need for secure remote work solutions during the pandemic. Many businesses utilized technologies like Virtual Private Networks and Remote Desktop Protocols to make sure that their employees would be able to access sensitive materials at home. That created a 60 percent spike in overall authentication activity (from 600 to 900 million monthly events), while the number of authentications for cloud applications went up 40 percent.
Of course, there were a few hiccups along the way, especially once people started using their own devices to access work resources. The number of access attempts that were blocked because the person was using an out-of-date device jumped an astonishing 90 percent in March, though that number went down just as quickly in April as people updated their technology setups.
Other trends highlighted in the report include the declining popularity of SMS authentication and the growing prevalence of biometrics on mobile devices. Windows was far and away the most popular operating system (Mac OS X was a distant second), though many healthcare organizations were still using obsolete (and vulnerable) Windows 7 tech. On the mobile front, iOS users downloaded security patches more quickly than their Android counterparts.
Finally, the report showed that cloud applications will soon be more common than on-premises ones. On-premises apps accounted for 18.5 percent of all Duo authentications, while the cloud accounted for 13.2 percent. However, the cloud number is up 5.4 percent for the year, while the on-premises number is down 1.5 percent for the same period.
“As the pandemic began, the priority for many organizations was keeping the lights on and accepting risk in order to accomplish this end,” said Duo Security Global Advisory CISO Dave Lewis. “Attention has now turned towards lessening risk by implementing a more mature and modern security approach that accounts for a traditional corporate perimeter that has been completely upended.”
The Duo report corroborates IDNow statistics that showed a similar change in authentication patterns during the pandemic, and a shift towards selfie authentication in particular. Duo’s 2019 Trusted Access Report found growing support for zero-trust security protocols.