Implementing a password-less environment?

CloudSecurity & GRC

Complete13%

This calendar year28%

1-2 years28%

3-5 years9%

No plans19%

737 PARTICIPANTS
4.1k viewscircle icon3 Upvotes

Content you might like

Which aspects of cloud infrastructure optimization and management can be effectively handled by agentic AI workflows?

Read More Comments

Curious how people are dealing with fraud, and specifically tech support scams, in their organisation. Our service desk have a protocol (using personal questions and answers or escalation to a manager) when validating staff requesting password resets. This wouldn't be scalable to our wider population.  I've heard of one tech firm implementing something simple like 2 random words generated on an internally hosted website every, say, 60s that can be used as a challenge & response. Does anyone have any other smart, easy to use, bits of tech that I should consider as part of a wider on-going education and awareness campaign?  I'm assuming this is a hot topic for many of you, given the recent Quick Assist social engineering ransomware attacks.

Have you implemented measures to defend against device code phishing?

Yes52%

We’re working on it45%

No/not yet3%

View Results

When buying a SaaS software having the requirement of BYOK to protect your data into the SaaS? How would you prefer to implement it?

Pass the keys to be applied periodically to the SaaS provider 22%

Have a third party tool to manage an intermediate keys model 71%

Let SaaS applications call your Key Vault or HSM 4%

No need if SaaS provider use CSP key managed services (let hyperscaler do and manage keys)3%

View Results

To what extent are organisations actually realizing measurable value from AI-enabled capabilities in GRC platforms, and to what degree is embedded AI now viewed as a core, expected feature in GRC tool selection rather than a nice-to-have add-on?

Implementing a password-less environment? | Gartner Peer Community