Data Breach: Adapting to Biometrics is Only the Half Job Done
July 18, 2016 | Biometric Access, Identity Theft, Privileged Identity/Access Management
Identity theft remains one of the biggest concerns for banking institutions across the world. The number of data breach incidents have jumped manifold as cybercriminals now have advanced tools and technical know-how to steal data. Moreover, a rising number of internet-enabled devices—although they allow increased connectivity, anytime and anywhere— have made us more vulnerable to cybercrime.
Accordingly, organizations, particularly banks, spend billions of dollars on IT infrastructure to secure data base. Preventing breaches by following a set of secured password management rules remains the top priority though. That’s why, banks often tell customers to stay vigilant while using login passwords.
To safeguard against a possible hacking, hard-to-crack passwords instead of often used access codes like ‘ABC123’ remains the least possible step we could take to avoid an identity theft. To increase password protection and minimize risks, financial institutions, in particular, also give an extra layer of security such as One Time Password (OTP) code. Besides, some other preventive measures such as often changing passwords stay at the top of ‘to-do’ list.
Nevertheless, these measures fail to give a guaranteed security. Banks accept this fact. Consequently, banks now follow some better ways to deter identity theft. For instance; the biometric access. It allows both banks and customers to do away with traditional passwords in favor of more secured facial scans or finger printing.
Already a big chunk of customers in the US access bank accounts through mobile phones using biometrics. The New York Times, recently reported that several big financial institutions have envisaged adopting the technology to safeguard against identity theft, taking a leaf out of JP Morgan Chase, Wells Fargo and Bank of America’s book. The US banks were rocked by massive data breaches that saw social security numbers, credit and debit cards’ details falling prey to cybercriminals in the recent past. The technology, however, is not foolproof. Cybercriminals will invent ways to breach biometric data sooner than later, experts warn.
In the context of banks, privileged identities, in particular, will remain vulnerable. These accounts, which form a large pool of sensitive data, are often exploited by insiders and disgruntled employees. So if any malefactor decides to misuse the ‘privilege’, a biometric access would fail to prevent data breach. And shockingly, more often than not, managements fail to detect malicious activities early enough.
In this backdrop, it is vital for organizations to adapt Privileged Access Management/Privileged Identity Management. Unlike biometric analysis, a PAM/PIM provides multiple security layers while accessing privileged identities. It allows early detection of any unusual activity carried out by malicious insiders. Verizon Investigation Report on Data Breach, recently emphasized that high-profile data breach incidents, involving large US corporations, could have been prevented had there been a proper PAM/PIM solution in place.
ARCON is a leading enterprise risk control solutions provider, specializing in risk-predictive technologies. ARCON | User Behavior Analytics enables to monitor end-user activities in real time. ARCON | Privileged Access Management reinforces access control and mitigates data breach threats. ARCON | Secure Compliance Management is a vulnerability assessment tool.
Need a solution for safeguarding critical IT assets? Please contact us