Identity Security and the Digital Perimeter in Mobile Devices

More and more enterprises across the United States are switching to a Bring Your Own Device (BYOD) culture, presenting security teams with a far more amorphous and diverse digital perimeter. In cybersecurity discussions, this problem is generally filed under endpoint security; the challenge appears to lie in securing the new endpoints being added to the network, after all.

However, this is only one half of the equation. If your enterprise is considering or already switching to a BYOD culture, then you need to consider your identity and access management solutions as well.

Why should you consider identity security when dealing with your enterprise’s mobile devices? It all relates back to the digital perimeter.    

Biometric Authentication on Mobile Devices

For enterprises with a substantial on-premises environment, deploying biometric authentication is the dream. Experts agree it could represent the next evolution of identity security; biometric factors are more secure than passwords, are impossible to forget or lose, and can facilitate greater employee productivity. Even when used in a multifactor authentication protocol, it could represent a significant new component in enterprises’ digital perimeters.

However, some enterprises are deterred from adopting biometric authentication due to its hardware requirements. A business would need to install a biometric scanner for every user and/or superuser. Even if it is only used by your privileged access users logging into the most sensitive databases, this can prove a significant upfront cost, especially for small-to-medium businesses.

However, the benefit of incorporating mobile devices into your perimeter is that most modern mobile devices include a built-in biometric scanner for fingerprints (at minimum). This means your enterprise can save a significant amount in constructing a stronger digital perimeter while enjoying near-immediate and widespread employee adoption.       

The possibilities for using mobile devices’ own biometric authentication readers in your enterprise are endless. You could mandate two-factor authentication as the basic entry requirement into your network, adding a new layer to your perimeter. You could mandate biometric authentication for access to your most sensitive databases.

Moreover…

Mobile Devices as Part of Digital Identities

Your enterprise, if it is to employ a BYOD culture, could consider the mobile devices connecting to your network essential components of each of your employees’ identities. Using them as a log-in entry point can be a consideration in multifactor authentication schemes or regular authentication protocols.

As such, mobile devices need to be considered an essential part of employees’ credentials and treated accordingly. Much like a password, a mobile device shouldn’t be shared with anyone else if it is used as an entryway into your network. Make this a company policy and be firm in your disciplinary actions for any discovered violations.

In other words, treat mobile devices in the wrong hands as security holes in your digital perimeter. The flexibility and remoteness of your digital perimeter can create variables in your authentication that pose a threat to your network. Making the devices a part of the authentication calculation can prevent these problems.   

Patches Mean a Better Perimeter

You need to make sure your mobile devices, your endpoint security, your identity security, and your biometric authentication are all consistently patched to ensure the strongest possible perimeter.

BYOD and mobile devices can mean a more flexible perimeter, but they don’t have to mean a weaker one. Consider your identity security on your mobile devices another layer to your digital perimeter, working in tandem with your endpoint security to make your enterprise as secure as possible.

For more on mobility and security, check out our sister page on the subject!

Ben Canner

Ben Canner is an enterprise technology writer and analyst covering Identity Management, SIEM, Endpoint Protection, and Cybersecurity writ large. He holds a Bachelor of Arts Degree in English from Clark University in Worcester, MA. He previously worked as a corporate blogger and ghost writer. You can reach him via Twitter and LinkedIn.