All kinds of organizations require physical security systems, from insurance firms protecting customers’ sensitive files to engineering companies guarding against industrial espionage. So as with any other area where human guards and alarm systems have been cornerstones of the traditional security architecture, the emergence of sophisticated biometric technologies has started to shake things up in enterprise security in a profound and productive way.
It’s easy to see this trend playing out in traditional security platforms’ embrace of such technologies, with a growing list of major players incorporating biometric capabilities into their offerings. Honeywell, for example, brought BioSec’s palm vein authentication technology into its WIN-PAK access control platform well over a year ago. Last September, AMAG’s Symmetry Enterprise access control system enabled support for iris recognition, thanks to technology from Iris ID; and it incorporated support for Suprema fingerprint readers last month. Ipsidy, meanwhile, recently incorporated facial recognition into its Access platform. The list goes on.
As for actual deployments of this technology, they run the gamut across a wide range of enterprise environments, and include a variety of biometric approaches. Examples range from Alabama’s Auburn University and its use of iris recognition to secure its athletics facility, to the Canadian National Railway Company and its use of facial and gait recognition security at its head office in Montreal. Biometric access control is even making its way into industrial farming, with SensibleVision having announced that its ‘race blind’ facial recognition technology was being trialed for the accurate identification of farm laborers coming to work.
The Digital Revolution
In many cases, however, physical access control is only half the story, with digital access being a matter of intensifying concern. This is the logical result of the wave of digitization that has swept the business world over the past couple of decades: previously, sensitive files might have been kept in a locked office or cabinet, with physical keys issued only to authorized individuals; now, they’re in the ether, available to anyone who has the right credentials. Too often, those credentials are the kinds of username and password combinations that are so easy for hackers to crack. But a growing number of data breaches have started to persuade many businesses to embrace more secure authentication mechanisms, and this has occurred as affordable and convenient biometric solutions have become available.
BIO-key, for example, has seen its fingerprint reader solutions embraced for internal security by a number of organizations, from a Peruvian telecommunications company to banks and manufacturing firms, all opting to use fingerprint authentication for employee access to internal assets. And just as physical access control platforms have been embracing biometric solutions, digital security systems are also integrating such technologies: the IBM Security Access Manager, to name one prominent example, incorporated biometric authentication capabilities from Crossmatch last spring. Meanwhile, a major Swiss bank decided last year to allow employees to biometrically authenticate using their own smartphones thanks to Veridium technology, accommodating a growing BYOD trend in the workplace.
The latter example illustrates how the mobile biometrics revolution continues to unfold in surprising ways, with consumer-focused innovations not only pushing enterprise decision makers to step up their security with biometric authentication, but also putting real solutions into their employees’ hands. A Gemalto survey from last year found that 64 percent of IT decision makers were considering the use of consumer-grade authentication for IT access. It makes sense: Some of the most sophisticated biometric authentication technologies can be found in today’s high-end smartphones, such as the iPhone’s Face ID system. And with so many of these devices in employees’ pockets, it makes sense to leverage their capabilities for internal security.
With digital security now such a critical concern, while physical security remains a key issue for many organizations, the next step forward for enterprise security is clear: convergence.
In an interview with FindBiometrics Director of Digital Content Susan Stover at last week’s ISC West security conference, event organizer Will Wise observed that some of the best attended education sessions at ISC West were about “cyber-physical integration” and “how biometrics is actually helping with the convergence of physical and info security”.
“Three years ago, I think people were in denial” about the need to secure sensitive data, especially those who specialized in physical security solutions, he said. But now, we’re seeing “a total change” in which data security is becoming “a team sport” and a “front burner” issue.
“I don’t think any of the really big companies can just not have it be a conversation point”, Wise asserted.
Indeed, one of the biggest security solutions providers in the world, IDEMIA, is leaning into that physical-digital convergence. The company offers both physical access control solutions like the high-throughput MorphoWave scanner and biometric authentication solutions that can be used for digital access management such as its mobile-based 3D facial recognition technology. What’s more, the company recently announced the creation of a new Secure Enterprise Transactions division that will incorporate IDEMIA’s biometric devices activities, pointing to an intensifying focus on comprehensive biometric enterprise solutions.
BioConnect, meanwhile, has long offered an enterprise-focused identity platform that incorporates multiple factors including multi-modal biometrics, and has just announced upgrades that will make its platform compatible with third party biometric authentication solutions for physical access control. As BioConnect CEO Rob Douglas explained in his own interview with FindBiometrics’ Susan Stover at ISC West, “unification of the digital and the physical world across the enterprise” is “something we’ve been working on for years”.
“We come at it from the physical access side, but now we’re unifying the enterprise so that a person who is authenticating into the digital applications can be the exact same person authenticating into any door system across the enterprise,” Douglas explained.
It’s a game that many other enterprise security specialists are going to be playing more and more in the years to come, and one in which biometrics are going to play an increasingly critical role, if the state of play today offers any indication. That’s bad news for hackers and industrial spies, but it’s great news for businesses ready to embrace the powerful security tools that are now emerging.
April 18, 2019 – by Alex Perala