Multi-platform interoperability, customization and use of pre-existing integrated security infrastructures
By Jeff Scott, Vice President of North American Sales, Precise Biometrics
In the rapidly changing environment of mobile security, in both private and public spaces, executives are challenged by two stark realities. First, in an ecosystem increasingly shaped by the “bring your own device” (BYOD) trend, they need to be readying their workforces to use mobile devices. Second, they must make sure that they are able to provide a level of security for mobile devices that matches the level found on the desktop.
But effective mobile device management must do more than enable various security levels and ensure end-user authentication. It also needs to maintain the quality of end-users’ experience by integrating work and personal digital space on a single device and providing ease of use and convenience.
Fortunately, thanks to the latest hardware and software developments in authentication technology, corporate enterprises and government agencies are able to create a mobile identity management environment provided by smart cards. In both the public and private sectors, smart cards are already a key component of the ID management infrastructure.
These solutions, along with a focus on multi-platform interoperability and authentication, customization, and system integration have built the foundation for the evolving BYOD movement. These are also key considerations when tackling the array of challenges that have mounted since BYOD’s inception.
Challenge – ensuring secure access through multi-platform interoperability and authentication
When it comes to minimizing the authentication risks of mobile devices, it’s important to ensure that the device is in the hands of the right person. Typically, the most effective remedy would be “anywhere, anytime” multi-layer authentication capability. But hardware and software developers must also provide interoperability to enable these applications to work together.
What do we mean by “multi-layer” user authentication? Multi-layer, proof-positive authentication should be comprised of a combination of what you know, what you have and who you are. By layering these passwords, PINs, cards, tokens and biometrics, an enterprise can offer stronger authentication.
Passwords alone are inadequate because they can be so easily compromised. While solutions combining password/PIN and ID card/token are often considered strong enough, biometrics — such as fingerprinting — can provide additional proof that a person is who they claim to be.
Today, the best way to secure a mobile environment is through an ecosystem that utilizes existing smart card infrastructure, including the U.S. Department of Defense Common Access Card, the federal government’s PIV card and many national ID and health care cards. In the future, we should look to mobile security and the integration of biometrics, NFC, derived credentials and their integration within the current infrastructure.
Challenge – maintaining high-quality user experience on the go: leveraging the ecosystem
Another proven strategy to combat BYOD challenges and pitfalls can be found in implementing a customized mobile security infrastructure that integrates with systems, tools and solutions that an organization already has in place. Creating an “ecosystem” of third-party security measures and solutions — mobile device management, remote access, VPNs and virtual tools — this approach maximizes the end user experience across platforms, delivering efficiency, secure access, collaboration and information sharing.
For instance, the latest security hardware and software solutions not only include multi-factor authentication, but also provide a new level of integration and interoperability with existing smart card-based identity management systems – be they iOS or Android-based. These currently range from secure Internet browsing, email and text messaging, to digital signatures and protection of users’ identities and devices. Also in use is a sleeve for smart phones and tablets that contains a smart card reader and biometric option to protect against unauthorized application access. This sleeve solution creates a user-friendly way to incorporate multi-factor user authentication on a mobile device.
Real world example: Tackling BYOD challenges with interoperability
One example of an effective use of interoperability and multi-platform authentication solutions can be seen with the evolution of use of mobile devices within hospitals and patient care centers.
Currently, hospitals and medical professionals have adopted the use mobile devices to access patient information on the go. With applications, the integrations of a smart card and the use of an authentication sleeve, medical professionals are now able to access patient files, submit requests, run tests or prescriptions, as well as receive test results on the go. This enables medical professionals to go from patient to patient and have key, real-time data in hand to update the patient’s information on the spot. Medical professionals can even discharge patients right from their tablets, which helps increase the hospitals overall efficiency.
Medical professionals don’t have to remember a plethora of log-ins or go through multiples steps to access and view their applications either. Taking this one step further than just accessing your desktop on the go, Medical professionals can view this data in mobile-friendly application format.
The ability to use tablets to access clinical systems, view and update information with the patient on the spot, make decisions quickly and process patients in a secure environment not only improves each medical professional’s performance, but also the hospital overall. Health care is taking advantage of the existing smart card infrastructure to secure their everyday mobile environment through various stand-alone applications, mobile device managers, and smart card readers.
Looking head – innovations, challenges and possibilities
The technology available today works and should be expanded. The scalable solutions currently in use, such as smart cards, will continue to evolve to serve a wide range of environments and usability cases. Whatever ecosystem private and public entities decide to deploy, interoperability will be necessary to ensure that smart cards, biometrics, NFC and derived credentials all work together and that the mounting challenges of a BYOD environment are continually anticipated and addressed.
Despite the challenges, BYOD is the way of the future, ensuring security and maximum productivity amidst an increasingly mobile, connected world. In order to glean its full benefits and combat its main challenges, a proactive, results-driven approach to interoperability, customization and integration is required.