FUTURE TECHNOLOGY
Building a tap based access control platform
Organisations need to consider integrated access control platforms to jointly secure IT applications and physical access , recommends Tim Phipps from HID Global .
With the move to a mobile and cloud first world , corporate data has become increasingly difficult to protect . Employee expectations have changed – they want to be able to access corporate cloud applications , data and services anywhere , at any time , using the device of their choice . This can potentially make networks significantly more vulnerable to security breaches .
Reliance on passwords alone is not enough . When hackers steal an employee ’ s user name and password , they can often move through the network undetected and upload malware programmes to other systems . Now , with the advent of a security model called tap authentication , it is possible to control access to data with a much more convenient process , using the same identification card that controls access to a company ’ s facilities .
With tap authentication , users simply tap their smart cards to laptops , tablets , phones and other NFC-enabled devices for easy and convenient access to network resources , cloud applications and webbased services . This quick tap of the card to a device is much easier and secure than passwords . It is faster and more seamless and convenient than dedicated hardware one-time passwords or other physical devices . Perhaps most important for users , it offers the convenience of being able to access data and cloud-based applications with the same card that opens doors .
Today ’ s threats will not diminish anytime soon . Nor will the cost of a data breach . IBM recently announced in its Security Services Cyber Security Intelligence Index Report that phishing , malware and other cyber threats are now costing organisations up to 19 % in revenue and 21 % in lost productivity , amongst other financial hits . Protecting access to corporate data is becoming more crucial . One of the biggest problems is an over-reliance on passwords . Identifying and validating workforce identities used to be relatively easy and relied on the combination of a username and a password that users typed in to a PC to authenticate themselves to the machine and to the network . Workforce computer users had one password , and that password was used in one place only : at a stationary workstation in the office or at home . Once the user logged in , they had access to every application they needed to do their job .
Today , however the enterprise landscape is rapidly changing . We now live in a mobile-first , cloud-first world where there is no longer a single device that is used to access corporate data and services . On top of this , corporate security policies have changed , requiring users to authenticate themselves more often . For example , employees at the National
28 Issue 03 INTELLIGENT TECH CHANNELS