The challenge presented to enterprises from the bring your own device (BYOD) trend is growing – and so is the cost of implementing authentication strategies, according to a report from authentication specialists Encap.
The study found enterprises with around 3,000 employees could save more than $165,000 (£106,000) by shifting to smart device-based software from hardware-based solutions for vital authentication in BYOD era.
In terms of capital expenditure, the deployment cost for hardware one time password (OTP) is $202,000 (£129.395) vs. smart device-based software at $9,000 (£5,765), representing a 95 percent decrease in cost, according to the company’s findings, and noted hardware OTP replacement costs are over 90 percent more expensive than all software based approaches. Annual cost per user studies found SMS OTP is the highest annual cost at $35 (£22), when compared to $15 (£9.60) for smart device-based software.
In conclusion, the report determined smart device-based software is at least 60 percent less expensive than all other software based approaches in terms of annual costs per user. The study analysed the average cost of the six most prevalent approaches to authentication for a large enterprise with 3,000 users over a three-year period.
“Having invested in remote access and cloud apps, enterprises must do everything possible to simplify speedy and secure access. Smart device software authentication turns smart devices – enterprise or employee-owned – into security credentials at an unbeatable price point,” Thomas Bostrom Jorgensen, CEO of Encap said in a press release. “Our study shows that the time for hardware-based authentication has passed – it is just too expensive when compared with the alternatives.”
These approaches included hardware, such as hardware OTPs and smart tokens (a USB or smart card), as well as software, like the aforementioned smart device-based software, mobile OTP (usually an app), PC OTP (via a web-browser) and SMS OTP. All of the approaches are two-factor authentication where the user requires something they have (a card or token) and something they know (password or PIN) to gain access.
“But this is about more than just cost,” Jorgensen continued. “Employees – people – want simple access across a range of devices. Similarly, IT managers want to easily integrate authentication without painful provisioning and replacement issues. Hardware approaches are incompatible with today’s world of smart devices, remote access and cloud apps. It’s time for a change.”
Are you a security guru? Try our quiz!
Move to Elon Musk rival. Former senior executive at X joins Sam Altman's venture formerly…
Bitcoin price rises towards $100,000, amid investor optimism of friendlier US regulatory landscape under Donald…
Judge Kaplan praises former FTX CTO Gary Wang for his co-operation against Sam Bankman-Fried during…
Explore the future of work with the Silicon In Focus Podcast. Discover how AI is…
Executive hits out at the DoJ's “staggering proposal” to force Google to sell off its…
US prosecutors confirm earlier reports, demand Google sells off Chrome web browser and end default…
View Comments
At a time when many organizations are struggling to figure out which methods of authentication are best suited for their company, I think it is about time that organizations start to offer 2FA (Two-Factor Authentication), where users can telesign into their account. It's very important that the leading companies in their respective verticals are giving users the appropriate additional layer of authentication for access and transaction verification without unreasonable complexity. In fact I am not sure why 2FA has not become industry standard. This should be a prerequisite to any system that wants to promote itself as being secure.