INFOGRAPHIC
Microsoft survey reveals Middle
East enterprises have ‘long way to
go’ to enhance security
M
ore than four in five large GCC
enterprises still rely solely on
user names and passwords for
authentication to corporate networks,
according to Microsoft’s Digital
Transformation survey.
The research, recently carried out by
Microsoft, asked respondents from almost
1,000 GCC-based organisations a series of
questions about their awareness of, and
attitude to, digital transformation. Questions
on security covered a range of areas, from
data protection to authentication.
The most striking finding was that, at
a time when security professionals are
recommending next-generation identity-
management techniques such as facial
recognition, biometric identification and
two-factor authentication and conditional
access (2FA), just over 80% of large
Gulf enterprises still use user names and
passwords as the exclusive means of log-in.
Only around 11% used a 2FA SMS
notification to support user name–password
authentication. About 7% reported using
fingerprint-scanning and just under 1%
had adopted facial recognition. In fact, the
30
INTELLIGENTCIO
precise proportion of large Gulf enterprises
using facial recognition (0.74%) was less
than that for SMEs (1.08%).
The survey results also exposed a need
for greater protection from unwanted
emails, ranging from nuisance mail
(spam) to more sinister communications
(such as phishing attempts). More than
half (51%) of those reported a 10%-or-
higher proportion of unwanted emails in
corporate inboxes. And 41% admitted to
having clicked on links within such emails
that led to unwanted websites.
The survey also explored the extent to
which large Gulf enterprises have classified
their data. Data classification policies (the
separation of data files by varying degrees
of sensitivity) have long been considered
by security professionals as a fundamental
requirement in guaranteeing robust IP and
privacy protections. However, just over 61%
of those surveyed said their organisation
did not yet have a data classification
solution in place.
“The findings clearly show that many of
the region’s enterprises have a long way to
go to create secure environments for their
customers, employees and their intellectual
property,” said Mohammed Arif, Regional
Director, Modern Workplace and Security,
Microsoft Gulf.
“Traditional security models have focused
on layered perimeter defence and building
‘better walls’. Today, organisations need
to have an always-on and multifaceted
approach to security that constantly protects
all endpoints, detects the early signs of a
breach, and responds before that threat
can cause damage. Modern cloud-based
automated tools, including analytics
based on machine learning and artificial
intelligence, can help expedite response.”
“For example, because of our scale, Microsoft
can build an intelligent security graph that
can be applied to protect all endpoints,
detect attacks and accelerate responses.
Cloud providers can afford to integrate their
products into holistic, machine-learning-
driven, security frameworks, covering
perimeter, infrastructure and data, both
at rest and in transit. Far from being more
vulnerable in the cloud, enterprises of all
scales and industries are safer there, where
they can innovate and grow with peace of
mind,” he added. n
www.intelligentcio.com