Ensuring security in today’s smarter, digitized and connected offices is a continually evolving puzzle as new technologies and threats emerge. Over the past few years, the scale and complexity of the challenge has increased as businesses have pivoted to enable working from anywhere (WFA).
WFA, which covers all types of agile working arrangements, including compressed hours, flexi-time, job-shares or remote working, brings additional security challenges. How can businesses increase protection without exponentially increasing the burden? A cornerstone of the solution could lie in biometrics, which, when applied to access control, enable enhanced security in a frictionless way and unlock a smarter working environment for employees and employers.
New ways of working
Before 2020, WFA was already gaining momentum, having expanded by 140% since 2005. Corporate giants and small and medium-sized enterprise organizations alike now recognize the benefits of a hybrid model. Recruitment surveys from the U.K. show that 92% of millennials identify flexibility as a top priority when job hunting. Bosses are also realizing the benefits, as 70% of UK employers feel it makes them more attractive, often experiencing enhanced productivity with a work from home model.
Maintaining security has been a longstanding issue for businesses, but with a computer hack occurring every 39 seconds and the predicted business losses from breaches set to be $6 trillion (doubling since 2015), the stakes could not be higher. However, when employees work from anywhere, maintaining robust security is a challenge.
WFA in shared environments increases the risk of ‘shoulder surfing’ to steal authentication credentials, estimated to be the cause of 60% of hacking incidents. Additional issues arise as employees are at greater risk of leaving corporate devices unlocked and unattended, heightening the risk of device or credential theft.
Businesses face other risks associated with WFA. As working hours become less rigid, enterprises need to ensure that their offices are protected 24/7 while allowing seamless access for employees. Complicating the issue further is increased physical threat activity, a trend experienced by 64% of U.S. companies.
An approach is needed that empowers businesses and employees with enhanced and frictionless security to tackle the increased risks of WFA. Amongst the suite of security technologies available to decision makers, the answer could lie in biometrics.
Looking beyond passwords and PINs
Decision-makers want flexibility and convenience balanced with trust — PINs and passwords are no longer the answer. Poor password hygiene is responsible for as many as 81% of company data breaches. Despite this challenge, PINs and passwords are still widely used.
However, many industry figures are beginning to recognize the shortcomings of passwords and PINs. Gartner predicts that by 2022, 60% of large and 90% of mid-size enterprises will implement passwordless authentication methods in over half of use cases. Also, Microsoft abolished their internal policy of changing passwords every 71 days for its 160,000 employees and scrapped its customer recommendation to update them every 60 days, citing the policy as “ancient and obsolete.”
Given this trend, how can biometrics support organizations with frictionless, robust security?
Integrating biometrics in an enterprise setting
Biometrics empower employees with workplace security by making them the key wherever and whenever needed.
Whereas PINs and passwords can be forgotten, hacked or shared (willingly or unwillingly), biometrics cannot be lost and are extremely difficult and expensive to spoof, mitigating security risks and the potential for scalable attacks. With biometrics, security becomes unified across a range of devices and access points including peripherals, VPNs, access pads, smart locks and fobs. Consequently, employers have peace of mind that their employees are fully protected when working from home or another location.
To give an example, one of the most direct ways for enterprises to realize the benefits of the technology is through biometric access cards, which can be thought of as a modern-day key that integrates with existing infrastructure. Alongside providing physical and logical access, biometric access cards can be combined with other uses such as employee identification, registration for attendance systems and resetting alarm systems. With an access card, an employer can set different access rights to restricted areas, like R&D departments, archives, security offices and healthcare settings such as hospital wards and pharmacies.
When it comes to managing biometric access cards, if an employee loses one, there is no risk of unauthorized access, as they will not work without the correct fingerprint. Simplifying management further is the on-device approach to biometric data storage, where the user’s info is stored, matched and authenticated on the card, PC, phone or peripheral. Alongside removing the challenge and cost of managing a centralized biometric database, on-device storage prevents hackers from accessing employee data sets.
To support employee engagement with biometrics, the on-device storage approach removes a privacy headache and reduces anxieties among employees worried about centralized storage of biometric data. Also, in this contactless age, biometric access cards help promote office hygiene, since workers wouldn’t need to handle PIN pads.
Unlocking an empowered workforce
Decision-makers face a growing challenge as they aim to strike a balance between supporting employees and employers with robust, efficient security. Traditional security methods such as PINs and passwords are falling out of favor for access control. Biometric technologies represent an innovative step in enterprise security. By integrating biometric access cards, for example, businesses can institute a seamless, simplified access solution that helps promote trust with their employer and empowers employees to be productive.