UK Businesses: It’s Time to Ban Your Mother’s Maiden Name

Last month we released our first ever “Businesses @ Work” Report, which shares findings from our network of 4,000 applications, thousands of custom integrations and millions of daily authentications and verifications around the world.

Our dataset identifies several fascinating industry trends for those making or considering significant investment in cloud and mobile. As head of Okta’s UK operations, I was interested in the tendencies on our side of the pond. Are us Brits bucking the trend in any sense when it comes to how we work?

Well I found the answer is, yes we do – but not necessarily in a good way. The biggest point that gave me cause for alarm is that UK businesses won’t let go of the security question as a form of verification. While the global trend is for companies to move away from questions about birthplaces and bloodlines as verification methods – having dropped 14 percent worldwide since April 2014 – usage of traditional security questions in the UK actually increased 17 percent in the same time frame.

With new authentication options on the market, our report showed that companies and employees worldwide are moving away from using passwords towards greener, more secure pastures. The advent of social media has made it easier for hackers to triage personal information, to then answer traditional security questions. In this day and age, it’s really not hard to find out your mother’s maiden name or your first pet’s name.

This is prompting businesses around the world to favour simpler, more secure methods of verification like SMS and push notifications for phones and watches. What’s more, businesses are increasingly leveraging authentication methods that are easy to use and more secure, instead of traditional security questions – except for businesses in the UK.

verification factors 1024x562

It’s clear that UK businesses need a better way to secure and control a number of users, devices and applications that span traditional company and network boundaries, such as adaptive multi-factor authentication and cloud-based identity and access management. We’ve been working with Gatwick Airport to deploy Okta solutions to solve these issues, and it’s being used to great effect. This technology will enable UK businesses to quickly and securely adapt to the ever-changing technological environment, and be far less at risk to cyber criminals who could very easily infiltrate their systems by hijacking easily discoverable personal information.

To learn more, check out our full “Businesses @ Work” Report at And share your thoughts with us @Okta_EMEA with the hashtag #BusinessesAtWork.