OpenVPN Security Advisory: Dec 14, 2018
Action needed: Important update for OpenVPN Access Server

Biometric Security for Businesses

Recap from the August 13th, 2019 CISO/Security Vendor Relationship Podcast

by Lydia Pert

A password is supposed to help secure accounts and keep sensitive data protected — but the problem is that traditional passwords are often more of a liability than an asset because employees don’t heed the warnings. Employees often reuse passwords, neglect changing their passwords, leave the default password, or use weak passwords. In fact, a recent OpenVPN survey discovered 25% of employees reuse the same password for everything.

As hackers get craftier, and as traditional passwords get harder to secure, a more reliable form of authentication needs to be implemented — and increasing character lengths or the amount of times the password needs to be changed just won’t do the trick. As Steve Prentice explained in the latest CISO Cloud Tip, “Challenge questions and strings of letters, numbers and characters might soon be coming to the end of their functional life, as security companies start to roll out biometric and behavioral security protocols in their place.”

Biometric Security Options

Companies like Apple and Google are just a few that are testing and rolling out biometric authentication options. Google is working on a password replacement technology that uses a "trust score" to authenticate users. The technology measures things like the user's voice, their movements, facial features, and typing speed to assign a “trust score.” If the score is high enough, the device provides the user access to the desired account. And Apple has made it so the future of authentication is already here. Apple has implemented fingerprint and facial recognition on its iPhones so all users have to do is touch the thumbpad or look at the screen to be granted access — and that type of technology is rapidly growing within the workplace.

These companies have all taken a similar approach. The new password, they believe, is the user. Rather than remembering obscure number/letter combinations, coming up with long passphrases or using a password manager to supplement the memory — an employees biometric information becomes their key. But the newest development in all of this is the availability of huge amounts of data in real time, which can be used to analyze a much larger set of behavioral activity, not simply an unusually timed login. This can then be managed by an Identity-as-a-service (IDaaS) company that would take over the administration, upkeep, and security of its clients using the as-a-service model.
biometric security tip quote

Future Password Security

As authentication changes, business leaders need to be aware of the disadvantages associated with biometric security. For instance, when it comes to things like facial recognition, any changes in appearance (facial hair, weight changes, colored contacts) can throw off the technology. The angle of an employees camera can also cause issues with authentication because multiple angles are needed to identify a face. And when it comes to fingerprint recognition — if your employee burns their finger when cooking, the system might not be able to match their burned finger with the existing print on file.

But cons aside, this password replacement technology can be very reliable, and much more secure than a typical written password. Anybody can guess a password, but they can’t make their face look like an employees or change their thumbprints to match someone else. And as a bonus, employees won’t have to worry about remembering a different complex, nonsensical password every couple of months. With the way the future of authentication is shaping up, a retinal scan might very soon replace the old challenge of your mother’s maiden name — and biometric security will make it safer for organizations to conduct business on computers and online.

Share