It’s All About Strong Authentication
Author(s): Terry Hartmann, Posted on May 30th, 2012
In the healthcare industry, lives hang in the balance. Financial services companies need to extend credit to the right people at the right time. Transportation sector strives to fuel the supply and demand sides that impact the entire gamut of social and economic activities of a country.
In such an environment, organizations look for ways to transform business processes for increased operational efficiency and innovation. And this is where disruptive trends like mobility and social collaboration become a reality – to enhance employee productivity and make knowledge sharing an integral part of the workplace culture.
But while mobile devices and collaboration tools increase employee mobility and productivity, they also create new risks in the form of data breaches and information theft. A number of high profile security breaches have occurred recently, putting the limelight on affected organizations. These events have had a negative impact on the reputation of these companies, and may lead to loss of business.
To thwart data leakage, businesses need to enable secure remote access to enterprise data by securing user access and validating identities. It is time to re-evaluate the overall approach to user authentication, and take a fresh look at enterprise identity assurance strategy.
So, the motivation for change is clear. The question is what’s next?
For decades, passwords have been the standard means for user authentication. But the problem with passwords is that a simple password can be guessed or hacked, and a complicated password is difficult to remember so gets compromised by being written down somewhere. Furthermore, forgotten or lost passwords can result in significant costs.
The need of the hour is a strong authentication solution that secures the process of validating identities by combining two or more authentication mechanisms – “something you have” (a smart phone), “something you know” (a PIN/Passphrase), “something you are” (a biometric feature like face/voice), ), “something you receive” (one-time-password), and “where you are” (GPS) to confirm that the end user is genuine.
Biometric technologies provide the most efficient means to uniquely identify a person and enhance the identity confidence within an organization’s decision making process. It is good news then, that, the public has become increasingly accepting of biometrics technologies and systems, rather than view it as an invasion of privacy. According to the latest edition of the Unisys Security Index, 37% of American respondents prefer biometrics such as fingerprints, voice or facial images to secure mobile work devices outside of workplaces, and these figures are reflected similarly elsewhere, for example 50% Colombians prefer biometrics to protect data while using mobile devices.
For organizations wishing to respond faster to business opportunities, comply with regulations, attract customers, and reduce security vulnerabilities, mobile device enablement coupled with a strong and robust authentication system can help them in achieving their security goals. The eco-system must provide employees and end-users with the means to be enrolled, and to authenticate themselves in a variety of different environments and applications. This enables organizations to resolve significant challenges in managing and auditing user access to information systems, and securely seize new revenue and service opportunities in a web-based world.