14 DAY TRIAL // There’s a lot of buzz these days regarding the use of biometric technology for authentication. The system's efficiency is questioned by some experts, but others say it could greatly contribute to enterprise security if applied correctly.
All this talk about biometric technology comes after Apple launched the iPhone 5S, a device that comes with a fingerprint sensor called Touch ID.
The implications for users are pretty clear, at least in theory: they can protect their devices and make transactions without having to enter passwords.
But what are the implications of biometric technology as far as enterprise security is concerned?
Ryan Hurst, CTO of enterprise SaaS Certificate Authority GlobalSign, has told Softpedia that biometric technology could turn out to be highly beneficial to organizations looking to protect their data, but it depends a great deal on how it’s implemented.
“The recent confirmation of the integration of biometrics in the new iPhone has many asking what the implications are for enterprises. It is too early to tell for sure as the answer will depend on how they have implemented this feature,” said Hurst told us in an emailed statement.
“That said, as mentioned during the Apple keynote, only about half of smartphone users apply a passcode today making mobile devices carrying sensitive corporate data a huge vulnerability for enterprises. If the biometric technology used on the device is applied correctly this could mean more secure enterprise data,” he added.
“More importantly this will force many enterprises to take another look at their own authentication strategy and ask if biometrics is a viable form of authentication for them in comparison to other stronger forms, such as one time passwords and smart cards, and weighing the security benefits and risks of each.”
Hurst highlights the fact that the use of biometric technology could be beneficial in case mobile devices containing enterprise data are stolen or lost.
“The first rule of security is if the attacker has physical access to your device then the device is no longer yours. However, the use of biometrics has the potential to make it more difficult for the attacker which can significantly reduce the impact of lost or stolen phones containing enterprise data,” he explained.