Office computer theft ranks nearly as high as theft from cars, and exceeds that of airports, hotels and restaurants. A stolen laptop is not only expensive to replace, but can lead to a data breach that exposes private/confidential data – leaving a company vulnerable to litigation, compliance violations and damage to the company’s reputation. Global cyber attacks are projected to cost companies $2.1 trillion annually by 2019. In today’s world, hacking tactics are highly effective, and usernames and passwords just aren’t enough protection anymore.
Biometric authentication has become the de facto standard for high performance security, enabling users to secure their laptops with fingerprint sensing. The FIDO Alliance is the world’s largest ecosystem for standards-based, interoperable authentication. By defining open and scalable standards that enable simpler and more secure user authentication experiences across many websites and mobile services, the FIDO ecosystem enables better security for online services, reduced cost for the deploying enterprise, and a simpler and safer consumer experience.
Second factor authentication, or U2F, delivers an even higher level of security, with technical specifications also hosted by the FIDO Alliance. U2F is an open authentication standard that enables internet users to securely access any number of online services, with one single device, instantly and with no drivers, or client software needed. U2F has been successfully deployed by large scale services, including Gmail, Dropbox, GitHub, Salesforce.com, the UK government, and many more.U2F, can even be taken a step further with multi-factor or multi-step verification, involving more than two factors. The three elements that are usually part of U2F in some combination, include:
- Something the user knows – This could be a password, a PIN code or answer to a secret question.
- Something the user has – This is always related to a physical device, such as a token, a mobile phone, a SIM, a USB stick, a key fob, an ID card.
- Something the user is – This is a biological factor, such as a face or voice recognition, fingerprint (most common today), DNA, handwriting or retina scan.
Now let’s take a look at how U2F technology addresses individuals, Windows Hello users, businesses and IT savvy users.
Individual Business Users and Professionals
The risks associated with losing valuable as well as confidential data increases the importance of protecting individual laptops from theft, particularly when it comes to those in specific industries such as healthcare, financial and legal services where confidentiality is critical. U2F provides an extra layer of security to those who need access to confidential information remotely through cloud services such as Google and Dropbox, protecting online accounts is increasingly paramount.
Businesses are looking to protect their computing systems from being compromised on a larger scale, since significant data and financial losses are at stake. At the same time, they must do so without exorbitant overhead costs, and in a manner that doesn’t slow down user productivity and business operations. U2F solutions address these concerns, for example with a simple fingerprint key that can connect directly into a laptop port or, when not in use, kept on a key ring. It is easy to use, but raises security to a level that gives organizations more confidence that its data is protected and at less risk for being compromised.
IT Savvy Users
Power users, such as programmers, can take further measures for a multi-factor authentication approach that goes beyond U2F. Many programmers store data on the collaborative development platform GitHub, and want to add an extra layer of security for the online account. A password manager such as Last Pass, on top of 2nd factor authentication, delivers greater security, but with simplicity and ease of use.
Windows Hello Users
Windows Hello enables a more personal way to sign in to Windows 10 devices with just a look or a touch, delivering enterprise-grade security without having to type in a password. This makes it very easy for users to logon and with the assurance that their data is well protected. Surface Pro 4, Surface Book, and most PCs with fingerprint readers already work with Windows Hello, and more devices that can recognize a face and fingerprint will be available in the future. Businesses whose employees do not yet have devices with face and fingerprint recognition
capabilities should explore third party options that enable them to use Windows Hello, without having to replace an entire fleet of laptops.
Protection against cyber-thieves continues to pose a significant threat to individuals and organizations. Two factor and multi-factor authentication solutions make it more difficult for malicious individuals to access accounts than don’t belong to them. The benefits of better security, more peace of mind, cost effectiveness and protection for businesses who face potential data and financial loss, make a strong case for examining and determining what type of authentication solutions best suit an individual or organization’s needs.
One such solution is Kensington’s VeriMark™ Fingerprint Key, integrating the smallest size touch sensor available. The first of its kind anywhere in the world, the Kensington VeriMark Fingerprint Key combines superior biometric performance and 360-degree readability with anti-spoofing technology and fingerprint activated collaboration capabilities.
Designed to meet Windows Hello security requirements, it allows users without a fingerprint sensor in their computers to enjoy the benefits of faster, more secure login that Windows Hello affords. It enables users to easily add fingerprint sensing to new and older Windows 10-based PCs, and is delivered in a compact design that easily attaches to a standard key ring.
According to Pavan Li, Sr. Product Manager of Windows Consumer Marketing, “With Windows Hello, businesses now have enterprise-grade security that is also easy to use. Third party solutions such as Kensington’s VeriMark Fingerprint Key are ideal for companies that have not deployed laptops with built-in biometric capabilities, allowing them to enjoy the advantages of Windows Hello across the organization.”