Blog_Mobile_ Security

All hail biometrics?

It’s predicted that virtually every mobile consumer device will incorporate some form of biometric authentication by next year. But, seemingly not content with this overwhelming dominance in the consumer space, biometrics now appears to have its heart set on the enterprise crown – with the emerging generation of business laptops as its first foothold. Gareth Kershaw explores its ‘vaulting ambition’ and five reasons why it could be great for your business mobility.

To be thus is nothing; but to be safely thus…” Macbeth, Act III, Scene I. 

Ha! And they said I couldn’t kick off a tech blog with a bit of Shakespeare!

For the unfamiliar, having murdered King Duncan and pinched his crown, Macbeth has just decided that he’d better do away with his best mate Banquo too. You know, just to firm things up a bit. 

Not perhaps immediately resonant where mobile security is concerned, I admit. 
But as regular ThinkProgress readers are probably eye-rollingly aware, I do like a left-field analogy. So here it comes: 

Business mobility is one thing, but to be safely business mobile is quite another. 

Today, every user is a target, and that means their devices – especially their mobile devices – are too. Phishing, malware, ransomware, hacking, cracking, you name it, the cybercriminals have their sticky fingers in it. 

Suffice to say that makes enterprises increasingly vulnerable. And with little choice but to start upping their mobile device security game, they’re turning to a new and more and more familiar (and convincing) pretender to that throne: Biometrics. 

Restricting access to devices and networks by the simple expedient of making 
the user physically prove that they are who they say they are – think the iPhone’s fingerprint scanner – biometric authentication employs tangible, unique biological characteristics like face, voice, iris and, obviously, fingerprint recognition.

Some enterprises haven’t cottoned on quite yet. But given the array of common sense but compelling reasons for adoption, it’s surely only a matter of time before they must, and do. And Biometrics settles in for a lengthy reign. 

Why? Well here are five headline reasons to be going on with… 

1. An escape from password hell

Password protection has long been a security staple. But, ironically, it’s also 
one of today’s major attack vectors. Indeed, as many as 80% of all company data breaches have been attributed to weak, over-used, easily-hacked passwords*. Even strong password policies can still leave mobile devices at risk. 

2. Happier users

Biometrics often suits users better too. For one thing it’s fast. And, as most of us know from bitter experience, there’s nothing easier than forgetting a password. Or more frustrating. Especially when there’s all manner of irritating, time-consuming hoops to jump through to reset it. It’s just as costly and annoying for IT too. The benefit of biometrics here? Well you’re hardly going to forget your face.

3. Greater accountability

Data governance and accountability continue to climb the corporate agenda. And biometrics is useful here too, enabling the enterprise to keep close tabs on who is accessing its devices and networks (and potentially breaching security), and when. It’s effective in workforce management as well, via applications like time-sheeting. 
Passwords, by comparison, are prehistoric. 

4. Safety in numbers? 

With more than 60% of companies already utilising biometrics to some degree, 
and nearly half using it specifically to secure their mobile devices**, the direction 
of travel is obvious: if you’re not using it already, your customers and suppliers will soon expect you to be. Especially as the Internet of Things (IoT) continues to gain traction, increasing both data volumes and value. 

5. Strong ROI

According to Forrester Consulting one bank achieved ROI of 191% against biometric security. Enough said?

Biometrics is therefore something that we at Lenovo take very seriously. 

All our new ThinkPads incorporate ThinkShutters for instance: physical camera shutters that allow users to cover their webcams when they’re not in use. While 
our Match-in-Chip fingerprint readers ensure fingerprint data never leaves the chip.

Then there’s ThinkPad PrivacyGuard, which uses infrared cameras to alert the user should someone sneak up behind them.

The new BIOS features Secure Wipe, which can securely erase the SSD’s contents. And there’s self-healing, which lets you revert to a safe BIOS backup in the event a cyberattack strikes at BIOS level.

Not that biometrics is perfect of course. Its identifiers can’t be changed if compromised. Some of its technologies can be impacted by environmental factors like dirt and humidity. Others are prone to spoofing and, because user consent isn’t necessarily sought or required, privacy issues may begin to emerge. 

It is gaining ground though. Rapidly. So don’t be surprised if it suddenly seems to  be on every device in the kingdom… “At one fell swoop” (Macbeth, Act IV, Scene III) ;)

* Verizon Data Breach Investigations Report 2018
** Source: SHRM

Gareth Kershaw - Author

Gareth Kershaw

Cutting his editorial teeth in the still callow IT press of the mid 1990s, Gareth Kershaw is a specialist technology and business writer of more than 20 years’ experience.

Spanning roles from journalist to editorial director and virtually everything in between, his career has encompassed regular contributions to a wide range of technology media titles – including Computing, Computer Reseller News, Channel Business, and Microscope – as well as the national press.

While his two decades in technology have seen extraordinary transformation and change from one end of the industry to the other, his philosophy tends to remain one of “plus ca change plus c’est la meme chose”.