New Delhi, Jan 29 Indian enterprises have established an 'exceptionally high security baseline,' with Multi‑Factor Authentication adoption by workforce at 89.4 per cent compared with a 70 per cent global workforce average, a report said on Thursday.
The report from independent identity provider Okta said India’s adoption rose by 4.1 percentage points year‑over‑year, indicating that security remains a top-tier executive priority despite already high baselines.
Further, India's progress aligns with a global shift toward advanced security, with phishing‑resistant, password-less authentication adoption up 63 per cent worldwide, the report said.
While nearly a third of global users still lack basic MFA, India’s near‑90 per cent coverage is a critical differentiator for regional business resilience, the report said.
“India’s MFA adoption rate is a testament to the nation’s proactive stance in digital defence, effectively raising the cost of attack for cybercriminals,” said Shakeel Khan, Country Manager & RVP, Okta India.
However, Khan said that relying solely on traditional MFA methods is "today’s 'security debt." Enterprises must transition to phishing‑resistant, password-less authentication, he said adding, Indian organisations must elevate authentication from a mere compliance checkpoint to a foundational element of competitive advantage.
“Traditional factors like SMS and voice are increasingly vulnerable to sophisticated social engineering. Our data shows that phishing‑resistant methods such as WebAuthn and FastPass close the most critical security gaps and remove the friction that typically slows down a workforce,” said Mathew Graham, Regional Chief Security Officer APAC, Okta.
Security leaders must build an architecture where the most secure way to sign should also be the easiest, Graham added.
The report highlighted that CXOs should now mandate transitions to high‑assurance authentication standards prioritising phishing resistance for all sensitive access and phasing out low‑assurance factors like SMS.
Disclaimer: This post has been auto-published from an agency feed without any modifications to the text and has not been reviewed by an editor