IBM supports biometrics for corporate BYOD use
IBM stated in a recent blog post that it expects that the addition of biometrics to personal mobile devices will enhance security surrounding corporate “bring your own device” (BYOD) policies.
BYOD refers to the policy of permitting employees to bring personally-owned mobile devices (such as laptops, tablets, and smartphones) to their workplace, and to use those devices to access privileged company information and applications.
The article, written on behalf of Big Blue by freelance writer Sue Poremba, notes that: “IT staff often see BYOD as the weakest link in the company’s security chain. It can be difficult to manage, even when there is a BYOD policy on the books. IT usually has little to no control over which personal devices are being used to access the network, and even in a mid-sized company, the number of connected devices could become overwhelming. Mobile device owners also often practice minimal security, if any at all, so many of those devices connecting to the network fail security best practices.”
The post thus notes that mobile device biometrics could lessen many BYOD-related security problems facing IT departments by forcing employees to utilize security options on their devices, in order to better protect data if the device is lost or stolen.
While the article acknowledges potential security problems inherent to biometric technology, it argues that biometrics is best used as part of a multi-factor authentication security solution. The article notes that “adding mobile device biometrics to BYOD provides another layer to security, and the more security methods a device provides means a better chance at safer data.”
Article Topics
biometrics | consumer | mobile | secure identification | security | smartphone | smartphones | tablet
IBM supports biometrics for corporate BYOD use http://t.co/wYCzkxuBQb
IBM encourages biometric use for BYOD | BiometricUpdate http://t.co/xHUiykT858 #biometrics
I hope that IBM people are aware that the vendors of biometric products which need to be operated together with passwords for fallback/backup/self-rescue by OR/Disjunction (as against AND/Conjunction that is common for 2-factor authentication) should explicitly publicize that
(A) The biometric product raises the convenience at the sacrifice of security when the user keeps using the same password.
&
(B) The biometric product could raise the convenience without sacrificing security when the user changed the password to a largely-harder-to-break password (with a footnote that the password should be remembered, not carried around on a memo and that the password should not be reused across other accounts.)
It should also be noted that it is not possible to compare the strength of biometrics used without passwords altogether with that of passwords. There are no objective data on the vulnerability of biometric products (not just false acceptance rate when false rejection is sufficiently low but also the risk of forgery of body features and the risk of use when the user is unconscious) and that of the passwords (not only that the entropy may be as low as 10 bits or as high as 100 bits but also that it can be stolen and leaked.)
IBM encourages biometric use for BYOD | BiometricUpdate http://t.co/Bc9JkXngs0
IBM does cool stuff, but should also focus on the thumbrule: “build little but better …”
#IBM supports biometrics for corporate BYOD use http://t.co/uW2Fbis6RM http://t.co/vvxSrpXNUW
#IBM supports biometrics for corporate BYOD use http://t.co/Yqunomeevr http://t.co/JOteVKkT5l
#IBM supports biometrics for corporate BYOD use http://t.co/XhW5Vh4Ojs http://t.co/PlUWqkavoD
#IBM supports #biometrics for #corporate #BYOD use: http://t.co/g3vQ7iUC1y via @biometricupdate
rawlsonking2: #IBM supports #biometrics for #corporate #BYOD use: http://t.co/VPulk8VG19 via biometricupdate
IBM supports biometrics for corporate BYOD use – http://t.co/uYwErkjdLk #GoogleAlerts
IBM encourages biometric use for BYOD | BiometricUpdate http://t.co/DNdOOxoWxZ #biometrics