Strong authentication in the mobile world
Andrew Lintell, Director of Sales, Identity Assurance, EMEA at HID Global
Emerging technologies, such as smartphones and cloud computing are increasingly enabling employees to access more applications remotely whilst on the move. With 72 percent of global businesses reporting that flexible working technologies such as smartphones, tablets and cloud computing are contributing to increased productivity, according to a recent study by Regus, IT managers need to ensure that this productivity is enabled while also protecting sensitive company data.
Smartphones, for example, can allow employees secure access to buildings, data and applications in the cloud whilst maintaining a high level of security. With an increasingly mobile workforce, companies need to develop and implement strategies to reduce the risk of data breaches while ensuring employees can access the data they need in order to complete their work tasks.
The challenge facing today’s IT security managers
Today’s employees naturally want to be able to access what they need for their work from any location. They may be at home on a desktop, or they may be travelling using a mobile, tablet or laptop. Indeed, according to Click Software up to 70 percent of employees regularly use their smartphones to check their emails outside of the office.
However, these variables can significantly increase the risks to your own data both on premise and in the cloud, especially if you’re only employing a traditional static password authentication system. Keystroke logging tools, phishing techniques, eavesdropping or even a peek over an employee’s shoulder could compromise your security. In fact, PwC’s recent ‘2015 Information security breaches survey’ found that 90 percent of large companies suffered a data breach of some kind over the past year, with SMEs reporting 74 percent, an increase of 9 percent from the year before.
IT Managers looking for a solution to these security risks need to examine the prospect of implementing a strong two, or multi-factor authentication solution for mobile access networks and data. These techniques significantly reduce the risk of data breaches while also giving employees complete flexibility to be as productive as possible by utilising additional factors to establish a user’s identity.
In fact, these kinds of authentication methods could soon become corporate requirements in Europe, with cybercrime on the rise, the European Union is implementing its Network and Information Systems Directive (NIS) Directive to tackle these incidents. It will require many businesses to apply procedures that will demonstrate effective use of security policies and measures. Failure to do so could not only result in a poor reputation for data security, but could breach European data protection and information security requirements and enforcement actions.
The danger of alienating employees
However, there remains a dilemma for many decision makers looking to on board newer, safer security solutions. The wrong implementation of a mobile authentication solution could result in severely compromised convenience for a company’s user base, resulting in an extremely poor user experience. While security is tightened, perhaps through multiple passcodes and other authenticators, employees are likely to resent the time consuming procedures they need to go through in order to access corporate data. As a result, they’ll likely resort to sharing compromising data through alternative channels outside of an authenticated pathway. Companies are in danger of alienating their workforce by implementing an authentication solution without considering the user experience in the process.
Thankfully, the advent of next generation strong authentication techniques combined with new enabling technologies in mobile devices avoids this issue and in doing so maintains a seamless user experience. Tap authentication for example – a combination of next generation strong authentication tokens/devices that leverage NFC or Bluetooth enabling technologies – has the capability to create a better user authentication experience. It is a cloud-based solution, that is simple to set-up and support for IT professionals, and easy to use for employees – the employee simply ‘taps’ their smart ID card, the same card they use to open doors, against their mobile or tablet to securely access over 2,400 cloud applications, including Microsoft Office 365.
As such, today’s next generation strong authentication model enables enterprises to:
- Create converged solutions that not only deliver secure logical access to the network and cloud-based services and resources, but also control physical access to buildings
- Support mobile security tokens that give users an extremely convenient and secure access solution they can be used on smartphones or tablets, resulting in a great user experience
- Integrate intelligence for enhanced security including device identification and using built-in technologies such as GPS for location awareness
- Achieve more effective threat protection using multifactor authentication as part of a multi-layered security strategy
Strong authentication thus has a vital part to play with an increasingly mobile workforce. With tap authentication systems being both secure and providing an enjoyable user experience to employees, IT decision makers would do well to consider how best to employ this methodology to securely protect their network and IT infrastructure solutions.