Michel Roig, President, Head of Payments & Access at Fingerprint Cards discusses if biometrics can be the first step towards a Zero Trust strategy.
Today’s enterprises are being challenged to stay one step ahead of security threats. Data shows that in 2021, the average cost of a data breach reached USD 4.24 million, up from USD 3.86 million in 2020 and the highest in 17 years.
The surge in flexible and hybrid working arrangements (Working From Anywhere – WFA) is making an already challenging situation even more complex. Leaders now need to decide how to combine enterprise-level security with current working models. The timing could not be more critical. In 2021, the average cost of a data breach where WFA was a factor was a million dollars higher compared to non-WFA related breaches, and many organisations still need to adopt a stronger security strategy for cloud-data storage.
An important strategy attracting increasing attention is a Zero Trust approach to security. While organisations consider how to implement Zero Trust in their IT strategies, a first step could be to consider the role of biometric authentication for logical access control, throughout digital estates.
What is Zero Trust security?
First conceptualised over a decade ago, Zero Trust is a security model that is deployed to mitigate the complexities of today’s agile and technology-driven workplaces.
Essentially, Zero Trust entails constant ID verification, assumes breaches all the time, and puts digital estates on a “never trust, always verify” footing across all its aspects: hardware, software, procedures, networks, databases, and humans.
One of the reasons Zero Trust has been attracting attention is because of its role in integrating the highly secure enterprise digital estates with less secure environments. For many organisations looking to level up their security to accommodate flexible working, this is a perfect solution as it throws up a hard security ‘shell’ around employees wherever and whenever they are working. This is a key factor as to why as many as three-quarters of organisations are looking to adopt Zero Trust.
Zero Trust is a broad approach, with several overlapping elements that create robust security throughout the digital estate. Among its key pillars supporting organisations: identity, endpoint, application, and infrastructure security, one binding technology that can help decision-makers to take the lead is biometric authentication.
Getting Authentication right
As organisations develop plans to adopt Zero Trust, authenticating users that interact with digital estates is front of mind.
The fresh thinking of Zero Trust brings an opportunity to migrate away from traditional authentication methods like PINs and passwords. The rationale is obvious. 80% of breaches and hacks can be attributed to compromised credentials, and 60% of people think there are too many passwords to remember. This is having a direct effect on attitudes towards password and PIN hygiene. 40% of us admit to reusing the same one across our personal and professional accounts, and many continue to still use highly predictable ones.
Media contact
Rebecca Morpeth Spayne,
Editor, Security Portfolio
Tel: +44 (0) 1622 823 922
Email: editor@securitybuyer.com
