In this online world that we live in, we are faced with multiple security threats. It ranges from general malware to ransomware to phishing attacks. Most people are not IT professionals and sometimes they are not aware of the enormity of attacks they face.
This is why companies like Microsoft usually take the proactive approach to deal with these kind of attacks for their customers. Their customers range from companies using their Azure cloud platform to regular Joes who still insist on using Windows 7 on their personal laptops.
David Weston, Microsoft’s Partner director of OS Security was the main keynote speaker of the Microsoft Security Roundtable at their offices in South Africa. David is the leader of the Offensive Security Research Team “Also known as the RED TEAM” that is responsible for detecting and responding to ‘global adversaries.’
He painted a picture of the general security landscape of the world. From research, the average cost of a data breach per accident is a staggering $4 million. 5 billion unique threats are created and spread every month. 81% of breaches are due to weak or stolen passwords. The most shocking statistic of all is that 87% of senior managers have admitted to accidentally leaking business data.
Going passwordless
During the keynote, David talked about how going “password-less” is one of the areas they can improve security. This is no surprise. One of the ways is to use the FIDO 2 certification that allows for cryptographic login credentials that are unique across websites and not stored to servers hence eliminates risks of phishing. It also allows for cryptographic login credentials with built in methods like fingerprint readers or cameras.
This new standard has been development and we have seen reports of it being tested in browsers like Firefox and on operating systems like Android.
“I think just about every organization at some point or another has had security challenges related to authentication,” David said to Techweez in a one on one interview. “This is actually one of the few places where you can improve security and the user experience at the same time.
David Weston believes that going passwordless is a huge step forward in the fight against the major threats
“Going passwordless is really that rare occasion where we can really drive up the security value and eliminate one of the biggest threat vectors while making it easier to log into your machines and all associated websites,” he said.
Going passwordless will be ‘natural’
He also believes that this adoption will be seamless. There is usually this fear of people transitioning between technologies and the push might seem radical. David Weston thinks otherwise.
“In a lot of cases, particularly mobile devices, we’ve been using for some time, almost all of us have a phone in our pocket now that is using thumb prints to unlock,” he said. “I think it is a natural progression of what many users, particularly on the younger side are already used to. So I don’t think actually Microsoft will have to push hard to motivate people.”
