The prospect of new, high-tech security technology has CIOs and IT organizations drooling over the idea of a world where secure information and operations are affordable and easy to implement. Within the consumer tech world, fingerprint authorization has made its way onto the smartphone, but most enterprises are still struggling to determine how and where to use biometric security measures and identification.
In SearchCIO's February #CIOChat, we asked participants: "What security tools should be on CIO's radar?" While biometric security measures might seem unrealistic and unattainable in the enterprise for now, their uses -- as strange as some might sound -- are already out there:
Yes, you read correctly: body odor biometrics. A study conducted by a biometrics research group at the Universidad Politécnica de Madrid in collaboration with Ilía Sistemas S.L. found that while body odor can vary with diet, disease and mood swings, there are aspects of each person's body odor that remain recognizable. The group's analysis of 13 individuals during 28 sessions found that correct identification occurred more than 85% of the time. These low error rates are certainly promising, but will there be an application in the enterprise? Let's put the brakes on body odor biometrics for now.
SearchCIO Senior News Writer Nicole Laskowski has given biometric security measures and identification a lot of thought. In her recent Future State column, Laskowski talked to Kansas City startup EyeVerify LLC, a company using blood vessel patterns found in the whites of the eye for user authorization. This technology could be especially valuable for opening mobile banking apps or other programs housing sensitive, personal information. According to Laskowski's research:
Keeping an eye on biometrics: Gartner predicts by 2016, 30% of orgs will use biometric auth on mobile devices, up from 5% today. #ciochat— Nicole Laskowski (@TT_Nicole) February 26, 2014
As with emerging technologies such as cloud storage, smartphones and wearables, which gained popularity on the consumer side before they hit the enterprise, employees and customers are going to expect organizations to adopt biometric security measures and identification quickly once they've entered their personal lives.
Whether it's your eyeball or fingerprint, SearchCIO Executive Editor Linda Tucci asked tweet jammers if mobile is the best -- and only -- place for all this biometric technology to reside:
More on biometrics technology
Biometrics and wearable technology
Multifactor authentication requires users to provide a few different identifications -- often a cypher they know (PIN or password), an item they possess (smart card, USB key or pass), and a physical characteristic they submit to scanning (fingerprint or eyeball, typically) -- to access secure areas, devices or applications. Tweet jam participant Chris Scott, a technology practice leader at Tatum US, suggested that organizations might soon require two-factor authentication for those accessing their company assets, but CIOs don't need to worry about how -- at least not yet -- since consumer tech companies are already working that into the devices employees bring to work.
What do you think? Will biometric security measures and identification be a mobile-only innovation, or will it be woven into devices inside the enterprise, as well? Share your thoughts in the comments section below.
For more of this #CIOChat conversation, search the hashtag on Twitter. Our next SearchCIO tweet jam will be held on Wednesday, March 25, at 3 p.m. EST. Follow @SearchCIO on Twitter to learn the topic (TBA).
Dig deeper on Enterprise data security and privacy
Emily McLaughlin, Associate Site Editor asks:
Will biometric authentication be added to enterprise devices? If so, where?
2 ResponsesJoin the Discussion