Biometrics could soon play a role in MDM

Biometrics could soon play a role in MDM

The rise in the implementation of bring-your-own-device (BYOD) programs within workplaces across the UK has led to a number of onlookers to express concerns over whether the security of valuable and sensitive data can be guaranteed.

The complex and thorough levels of passwords and security measures that can be found on PCs and desktops can often be neglected on mobile devices due to users looking for a smoother and more user-friendly experience.

Research firm Gartner has since predicted that 30 per cent of organisations could soon be using biometric authentication on mobile devices by the year 2016, a substantial rise on the five per cent recorded for today.

Ant Allan, Research Vice President at Gartner: "Mobile users staunchly resist authentication methods that were tolerable on PCs and are still needed to bolster secure access on mobile devices.

"Security leaders must manage users' expectations and take into account the user experience without compromising security."

There are currently only a handful of operating systems that support biometric authentication. Even those that do may lack the infrastructure for business use.  

The use of passwords is therefore set to continue for the near-future, although some organisations have already set about controlling the risks of lost devices and data by implementing controls that wipe a device after a limited number of incorrect password entries, or by remote command.

But even these methods are often not fool-proof as Gartner’s John Girard explains: "This practice does not wholly mitigate the risk because solid-state memory is nearly impossible to overwrite.

"The best practice is to use encryption that is not tied to the primary power-on authentication, meaning the key cannot be recovered from the device after a soft wipe operation has been performed."

Gartner also recommends that security leaders evaluate biometric authentication methods where higher-assurance authentication is need. Such methods include interface interactivity, voice recognition, face topography and iris structure.