David Orme, Senior Vice President at IDEX Biometrics ASA
IT security and data protection are crucial factors for business longevity and profitability. Every year billions of dollars are spent bolstering corporate IT security to protect companies from potential cyberattacks.
Since the introduction of the EU General Data Protection Regulation (GDPR) in 2018, any company that falls foul of a data breach will now face fines of up to €20 million or 4% of its annual turnover. In fact, the biggest fine to date was issued to British Airways in September this year. After the personal data of 500,000 of its customers was leaked from their company website and mobile app, BA was fined a hefty £183 million.
The threat of these large GDPR fines is a stark reminder that businesses must enforce stringent IT security policies to remain compliant with new data and IT security regulations and prevent cyberattacks. Yet, alarmingly, a recent study revealed that 74% of corporate data breaches occurred because of abuse or misuse of internal password credentials for secure company accounts.
This shows that cyber attackers are increasingly accessing corporate networks using weak, stolen, or otherwise compromised credentials. Therefore, it’s more important than ever for businesses to ensure only the appropriate staff can access their devices, offices and networks, particularly in high-risk industries, such as finance, banking, insurance or data providers.
The death of the password
It has long been apparent that passwords are outdated and no longer adequate to protect a business’ IT infrastructure and data assets. Now, we are starting to see the continued use of this insufficient mode of authentication putting consumer data at risk and costing businesses money.
To resolve this, companies must move towards more heightened security measures, such as using employees’ physical identities and biometric data to authenticate entry to corporate buildings, networks and devices. Fingerprint biometrics, by nature, are personal to the individual and can’t be replicated, making them the perfect proof of identity to authenticate user access within business environments.
Smart buildings, smart access
Once, gaining access to an organisation’s headquarters through hand or fingerprint scanning seemed like something only needed for top-secret offices such as MI5, or in Mission Impossible films. However, thanks to the increasing amount of data stored on company servers, it is becoming a necessity for most organisations to secure their offices and data centres. This will help protect not only private information, but also the personal details their customers have entrusted them with.
The use of fingerprint biometrics to manage employee access to corporate buildings has already started to emerge. In physical security, fingerprint biometric sensors are currently being used for access control, authentication and employee verification to enter offices and secure data centres. Unlike simple swipe cards and PIN codes, your fingerprint can’t be dropped in the canteen, or shared with a colleague, making them a valuable tool for physical security.
On top of this, when you combine physical security checks with devices and digital security, it results in an end-to-end encryption technology that can work across the organisation, ensuring secure access to both physical assets and valuable digital information.
Furthermore, as we move towards a future where smart buildings appear in our neighbourhoods, biometric fingerprint authentication can also become a valuable and convenient tool to ensure secure access to schools, hospitals and homes.
Use your fingerprint to unlock
The ability to link biometric authentication across physical and IT security means it’s not just building access that can benefit from biometric authentication. Fingerprint biometric sensors can also be incorporated into IT devices to manage access to corporate networks, for example. While Apple only introduced the first iPhone fingerprint sensor in 2012, today it is considered the norm to access our smartphone through a secure, quick and easy fingerprint scan. Similarly, this secure method of validation will soon be considered standard for company devices, from tablets and phones to laptops to desktops.
To achieve this on company desktops, which often never leave the premises, fingerprint scanners can be embedded into keyboards. This confirms that only the approved employee can access the device, the corporate network, and secure data.
Time to embrace biometric IT security
With the threat of data breaches and the penalties that follow them, on the rise, it is now essential for businesses of all sizes to protect their corporate offices, devices and networks more robustly.
Organisations should act now to abandon the use of insecure passwords or swipe cards and embrace innovative biometric technology. Doing so will provide secure, measurable and reliable access for the correct members of the team. By incorporating biometric fingerprint authentication into staff access or having employees log in to their devices or access secure networks, companies will be more able to confidently safeguard their data. Biometric IT security ensures the right people can gain access to the right information and to the right areas of a corporate building, ensuring businesses can put up a greater defence against the growing threat of data breaches.