Subscribe / Unsubscribe Enewsletters | Login | Register

Pencil Banner

BLOG: Don’t let fingerprint sensors leave you in the dark

Mark Urban | Sept. 23, 2013
It would be dangerous if businesses think Touch ID will keep their corporate data safe on their employees’ new iPhones

Since 20 September, Apple fans have been able to get their hands on the new iPhone 5s and 5c. Critics have been generally positive about the new operating system and the 5c offering choice to consumers.

The evolution of the smartphone in the past decade has been well documented and today Apple and Samsung own over half of the global smartphone market. Apple, in the attempt to speed ahead of Samsung, has concentrated on device security with the introduction of Touch ID fingerprint scanner on the iPhone 5s. But the question is, will data be protected?

Smartphones, phablets and tablets would only be scrap metal if they were not filled with the popular messaging, social media and gaming apps. As the popularity of mobile devices increased, more users began using them for work, downloading apps that helped them do their jobs more efficiently.

It's interesting to think about how your finger can protect all this information.

Fingerprint sensors are smart, no question. It makes it easier for people to buy because transactions can happen with the swipe of a finger. Passwords are dying because there are too troublesome to remember and often too easy for cyber- or real-world criminals to crack. Fingerprint scans definitely add a level of security to the device itself and that should hopefully help reduce device theft.

However, it would be dangerous if businesses think Touch ID will keep their corporate data safe on their employees' new iPhones. Having a fingerprint sensor only prevents physical intrusions but not threats that come from online sources while the employees are using the device. The sensors will not help manage which apps employees download or scan to see if the app accessed is legitimate. So to ensure the security of corporate data, the boardroom's only tool is to trust their employees to use applications approved by the IT department.

The reality is, employees do not follow the law. Our research shows, nearly one in four employees* in Singapore use social media applications without IT's knowledge. These apps contain important personal and corporate data that can be unintentionally shared. Users are also susceptible to phishing attacks, which are the most effective type of attack launched on mobile users. The small screens don't provide context and you won't be able to see the full link to determine if it looks suspicious.

In Singapore, 75 percent of businesses* said that new technology made them more efficient. The rapid growth in mobile adoption and its move into the enterprise through BYOD initiatives is making mobile devices a prime target for cyber criminals. The trick is making sure you can bring these devices in without creating security vulnerability. While the fingerprint scan is great device-level protection that hopefully helps reduce device theft, it isn't the answer for enterprise-level security.

 

1  2  Next Page 

Sign up for CIO Asia eNewsletters.