In the world of identity and access management, no technology has as much promise or provokes as much anxiety as biometric authentication. The dream for biometric authentication is it will simultaneously streamline routine processes like employee logins and secure vital digital assets. The fear is it will prove difficult to implement on a mass scale and that the permanence of biometric authentication factors makes them a dangerous security risk in their own right.
Despite these contradictory feelings, there has been no better time to deploy a biometric authentication solution. In 2015, a study by Telesign found 73% of adults in the U.S and U.K use duplicate passwords for multiple accounts. More than half use five passwords or less throughout their lives. 47% haven’t bothered to change their credentials in 5 years. Other enterprises are responding to these security risks, with two-thirds using biometrics in one form or another.
Nothing in cybersecurity should be done rashly, however. Before you deploy a biometric authentication solution for your enterprise, you need to fulfill the necessary prerequisites to ensure its success. These include:
Evaluate Your Enterprise’s Business and IT Environment
Before deploying any new cybersecurity solution, you need to evaluate your current cybersecurity platforms. Integration issues between products and solutions can create new security holes in your network for hackers to exploit. Therefore, you should have your IT security team determine whether your selected biometric authentication solution will work well your endpoint security, SIEM, and identity solutions if you have any.
While examining your integration, your IT team should also determine whether your selected biometric solution will fit with your current security policies. This may raise questions, including:
- Will biometric authentication be incorporated into your single single-on?
- Will it be the initial criteria for entry into the network? Or will it be deployed only to secure high priority or proprietary databases?
- How will biometric factor information be stored? Will they be saved alongside employee passwords or in a separate database? In an on-premises server or on the cloud?
Preparing to deploy a biometric authentication solution shouldn’t end with the digital environment though; it must also extend to the analog world. You must have a clear sense of your on-premises endpoints, your most-likely security risks, expected number of end users, expected number of privileged users, and the location of your existing data before you can determine the right biometric authentication solution. Without this evaluation, you won’t have the sense of how your solution needs to scale and where it must prioritize security.
Start with an Internal Sample Group
Deploying any solution, cybersecurity-related or otherwise, can prove a daunting process for enterprises of any size; even small enterprises have to factor in third-party actors and vendors entering your network. Deployment and adoption require time, energy, and resources—none of which are easily recovered. After you deploy a biometric authentication solution if you discover it is inadequate or detrimental, replacing it can cost more than heartache.
Therefore, before you deploy a biometric authentication solution, it is best practice to start small and to test prior to full deployment. This often involves selecting a sample of random employees within your enterprise to try your selected solution for a few weeks.
By doing so, you can see how much faster or slower they are in their authentication, whether they encounter difficulties in their business processes, and where you will need to improve the solution’s implementation before full deployment. You can also learn if the solution is as effective as you believed and whether another choice is warranted.
As a side note, these selected employees should not be from the same department as that could clog up vital parts of your business processes. Additionally, you can be selective about where you deploy a biometric authentication solution; not every department and area of the network will need it. Why lock down what was never in danger?
Install the Right Equipment and Software
Now we come to the heart of it: the time to actually deploy a biometric authentication solution.
Keep in mind that the hardware and software you’ll need depends on what biometric factors you are incorporating into your authentication procedures. Most endpoints come with some kind of camera and microphone for facial and vocal recognition, respectively. Fingerprint authentication—the most popular and widely known—will be easier on modern mobile devices than on laptops; you may need to install USB-attachment fingerprint scanners which can cost anywhere between $50 and $2,500 apiece for the latter.
On the other hand, some biometric authentication solutions can measure behaviors instead of physiological factors. Some solutions can even determine identities via typing behaviors without a specialized physical component. Assuming you’ve done the necessary research, you should know what kind of biometric factors are best-suited to your enterprise.
The steps to deploy a biometric authentication solution can be challenging, but the price of security is a small sum compared to peace of mind!