However, as smartphone capabilities evolve, the balance between “IT friend” and “IT foe” must be constantly re-evaluated. The advent of mainstream biometric technology in smartphones is a great example of how the tables might be turning. But what is the true potential of this technology for the enterprise?
Biometric technology certainly opens up a host of new possibilities and an entirely new level of security for BYOD devices. For a start biometrics does ‘feel’ – pun intended - more secure than passwords. After all, biometric information can’t be easily guessed or shared among users, and therefore offer the potential to deliver a higher level of assurance, at least for basic device access.
But could the benefits go further? It’s inevitable that personal devices will hold ever-increasing amounts of corporate data – and with confidence in passwords fading it is hoped that biometrics will lead the way towards greater security and data protection within the enterprise.
Biometrics is particularly well suited to mobile devices with their plethora of on board sensors – including cameras, microphones and the fingerprint technology now boasted by Apple.
Traditionally, the only way to get this type of authentication technology in the hands of corporate users was by giving dedicated tokens which are costly and complex to deploy, often representing a barrier to all but the most security conscious (and well-funded) organizations.
Using the actual phone as a token is not only cheaper for businesses than issuing tokens to the workforce, it also means that the same experience can be applied when accessing apps from a phone or from the desktop or even physical access – and when it comes to security, consistency is a good thing.
This is where the phone really does become a corporate ally, bypassing the huge expense of giving staff traditional authentication tokens such as OTP widgets and smart cards. There’s also the fringe benefits that people never forget to bring their phone to the office and since it’s a familiar device the user experience is improved years of experience tells that happy users don’t try to dodge the system in an attempt to side-step inconvenient controls.
By subscribing to our early morning news update, you will receive a daily digest of the latest security news published on Help Net Security.
With over 500 issues so far, reading our newsletter every Monday morning will keep you up-to-date with security risks out there.