BYOD AUTHENTICATION
personal email or messaging apps instead of a secure corporate communication platform, or store work documents on their personal cloud drive instead of the company’s file-sharing system. It seems organisations are stuck between a rock and a hard place: leave employees to their own devices (literally) or introduce stringent new systems to enforce security and risk users flouting them. How can organisations reap the benefits of BYOD without opening themselves up to a huge new threat vector? No password? No problem Silent authentication is a new way of looking at identity verification. Instead of interrupting users with password prompts or confirmation codes, this approach verifies users in the background using ‘invisible’, real-time signals between the user’s device and the mobile network. The silent authentication mechanism can be further augmented with other trust signals from the network. Provided the employee’s behaviour appears normal, they can move seamlessly from one application to another. If anomalies are detected in the trust signals, like a SIM swap or an unexpected location change, actions can be taken such as automatically pausing the user’s access or triggering additional verification. This approach doesn’t rely on easily compromised user credentials, instead using passive, environmental signals that are difficult to fake and are unobtrusive to the user. IT teams can draw on a wealth of real-time data sources, such as carrier network data, device consistency checks and even velocity checks. In an age of staff and budget constraints, silent authentication is a scalable solution that doesn’t require additional resources. It’s particularly useful for promoting speedy and efficient communication between teams, as employees expect to move quickly between voice, video and messaging
without interruption or access barriers. Finally, with growing regulatory pressure from legislation like GDPR, ISO and SOC 2, organisations need to be able to authenticate employees without over-collecting user data. Traditional authentication methods – especially those that rely on passwords, biometrics and personally identifiable information – often require organisations to store sensitive user data in centralised systems. This expands the organisation’s attack surface in the event of a breach and creates compliance risk if the data is mishandled or kept longer than it needs to be. Silent authentication eliminates this risk.
****
“
As identity becomes the new security perimeter, the most effective strategies will be the least visible ones that don’t get in the way of employee workloads or create frustration.
The future of authentication is invisible Security shouldn’t come at the cost of productivity. As identity becomes the new security perimeter, the most effective strategies will be the least visible ones that don’t get in the way of employee workloads or create frustration. By embracing silent authentication, organisations can reap the cost benefits of BYOD, increase employee productivity, and free up IT teams to focus their efforts elsewhere. Meanwhile, employees gain the ability to work from anywhere – on the go or in the office – on the devices they know and are familiar with, giving them the flexibility to switch between their personal and work lives. n
”
www.newsinthechannel.co.uk
45
Powered by FlippingBook