Will fingerprint scanning take off?

What are the implications for enterprises and the security issues regarding fingerprint scanning?

What are the implications for enterprises and the security issues regarding fingerprint scanning? Anthony Tian, Regional Director, Asia Pacific, Good Technology, gives his thoughts.

The iPhone 5S fingerprint scanner is being seen as a mobile security game changer. What are the implications for enterprises?

While Apple's iPhone 5S Touch ID fingerprint scanning technology is a very slick addition for use by consumers, the fact that even Apple themselves didn't tout this as an MDM/business feature was a good indication that the enterprise should be leery to embrace it for use as 'true' data security tool. If Apple makes the Touch ID API available, it will allow developers to take advantage of the biometric features which provide an additional authentication layer to their application, thus creating a new frontier in app security.

However, like many new security features, Touch ID should not be considered a 'silver bullet', or convey a false sense of security. There is always a way to get access to mobile devices, especially when one considers that BYOD devices can have multiple fingerprints registered to the device. This is why corporations can't rely on hardware-based encryption alone. Instead, they need a secure container around the data and information on the device so that the information can't be extracted, even if a hacker gains access to the phone

Do you see this feature violating human privacy (in-built fingerprinting scanner just to operate the device)?

Consumers have the option to make use of this feature and they can always 'opt out' when it comes to its use on their personal device. However, if a company chooses to mandate use of biometric/fingerprint scanning capabilities on BYOD devices, it does raise some privacy questions when you consider there will then be a large database of biometric information that is potentially vulnerable to hacking.

Do you think fingerprinting scanning will go mainstream as a technology?

Apple has effectively introduced the concept of fingerprint scanning for consumer use, but there still remain a lot of questions around its effective use for securing devices. Therefore, it will likely still take some time before fingerprint scanning becomes a household feature.

Do you see any possible risks with the integration of biometrics in mobile security?

According to recent reports, a German biometrics hacking group has successfully demonstrated how they have bypassed the iPhone 5S' fingerprint scanner by taking a high-resolution photo of the users' fingerprint, which was then printed and used as a fingerprint to access the device.

While biometrics technology adds another layer of security to mobile devices, it should not be the only security feature used on corporate devices. You can't solely rely on operating system security because there are multiple things that users can do, outside of an organisation's control, to weaken it. If you're going to entrust your corporate data to a device, you need to provide a solution that protects the data, not just the device and gives you (the IT admin) control. It is critical for companies to secure both their mobile devices and their data with secure containerisation to protect sensitive data and corporate IP on those devices.

How can Good Technology help enterprises integrate iOS 7 into their mobilisation strategy? How beneficial will it prove to be for them?

Good Technology is the only secure mobility provider to offer full iOS 7 support across its entire suite of applications, including Good for Enterprise, Good Connect and Good Share, the day iOS 7 became available.

With Good, enterprises will be able to upgrade to iOS 7 without any delays in service, exposure of data or compromised security. Good has also rolled out iOS 7 support for its rich ecosystem of custom and partner applications built on the Good Dynamics Secure Mobility Platform.

In addition, Good has leveraged the extended set of Apple mobile device management (MDM) capabilities available in iOS 7 to enable functions such as extended restriction controls, enterprise SSO and configuration and policy management for MDM-managed apps. Good will also support the enhanced Volume Purchase Program (VPP) making it easy for businesses to deploy these iOS 7-compatible apps at enterprise scale while still retaining full ownership and control over app licences.

By securing entire workflows, facilitating the development of numerous iOS 7-compatible enterprise apps, and simplifying management of iOS 7 within the types of diverse mobile environments typical today, Good is uniquely enabling enterprises to truly embrace iOS 7 as part of their mobilisation strategy.

Join the CSO newsletter!

Error: Please check your email address.

Tags ApplesecuritybiometricsGood Technology

More about AppleGood TechnologyTechnology

Show Comments

Featured Whitepapers

Editor's Recommendations

Solution Centres

Stories by Zafar Anjum

Latest Videos

  • 150x50

    CSO Webinar: The Human Factor - Your people are your biggest security weakness

    ​Speakers: David Lacey, Researcher and former CISO Royal Mail David Turner - Global Risk Management Expert Mark Guntrip - Group Manager, Email Protection, Proofpoint

    Play Video

  • 150x50

    CSO Webinar: Current ransomware defences are failing – but machine learning can drive a more proactive solution

    Speakers • Ty Miller, Director, Threat Intelligence • Mark Gregory, Leader, Network Engineering Research Group, RMIT • Jeff Lanza, Retired FBI Agent (USA) • Andy Solterbeck, VP Asia Pacific, Cylance • David Braue, CSO MC/Moderator What to expect: ​Hear from industry experts on the local and global ransomware threat landscape. Explore a new approach to dealing with ransomware using machine-learning techniques and by thinking about the problem in a fundamentally different way. Apply techniques for gathering insight into ransomware behaviour and find out what elements must go into a truly effective ransomware defence. Get a first-hand look at how ransomware actually works in practice, and how machine-learning techniques can pick up on its activities long before your employees do.

    Play Video

  • 150x50

    CSO Webinar: Get real about metadata to avoid a false sense of security

    Speakers: • Anthony Caruana – CSO MC and moderator • Ian Farquhar, Worldwide Virtual Security Team Lead, Gigamon • John Lindsay, Former CTO, iiNet • Skeeve Stevens, Futurist, Future Sumo • David Vaile - Vice chair of APF, Co-Convenor of the Cyberspace Law And Policy Community, UNSW Law Faculty This webinar covers: - A 101 on metadata - what it is and how to use it - Insight into a typical attack, what happens and what we would find when looking into the metadata - How to collect metadata, use this to detect attacks and get greater insight into how you can use this to protect your organisation - Learn how much raw data and metadata to retain and how long for - Get a reality check on how you're using your metadata and if this is enough to secure your organisation

    Play Video

  • 150x50

    CSO Webinar: How banking trojans work and how you can stop them

    CSO Webinar: How banking trojans work and how you can stop them Featuring: • John Baird, Director of Global Technology Production, Deutsche Bank • Samantha Macleod, GM Cyber Security, ME Bank • Sherrod DeGrippo, Director of Emerging Threats, Proofpoint (USA)

    Play Video

  • 150x50

    IDG Live Webinar:The right collaboration strategy will help your business take flight

    Speakers - Mike Harris, Engineering Services Manager, Jetstar - Christopher Johnson, IT Director APAC, 20th Century Fox - Brent Maxwell, Director of Information Systems, THE ICONIC - IDG MC/Moderator Anthony Caruana

    Play Video

More videos

Blog Posts

Market Place