APPLE WATCH TO BE A PASSWORD ALTERNATIVE
With password tolerance levels at an all time low, alternatives to the pesky and insecure authenticators are beginning to abound. One of those alternatives could be the Apple Watch.
Even before Apple's latest gadget began shipping last week, MicroStrategy announced it was extending its User enterprise security solution to the Apple Watch.
User, launched earlier this year, lets an enterprise use smartphones to authenticate its users and eschew user names, passwords and tokens. The solution has two parts: a back end that runs in the cloud, and an app that runs on mobile phones.
The User app uses all of the Apple Watch's repertoire -- glances, notifications and force touch -- to perform its functions. It is designed to detect a variety of business systems through a wireless connection as users approach.
For example, as a user walks up to a workstation, a notification will appear on the watch to unlock the hardware, which can be done with a tap of the timepiece.
User on the Apple Watch allows it to act as a digital key that employees can use to log in to business systems, unlock devices, validate an identity and open entryways.
SECURITY PLUS CONVENIENCE
"If you think about enterprise security and security in general, what you find is that for something to be more secure, it has to be less convenient," Zolfaghari said.
"It's the opposite with the Apple Watch," he continued. "You get greater security with a higher level of convenience."
Bad Password Hygiene
As if any more evidence were needed about the insecurity of passwords, LogRhythm released the latest in a long line of surveys finding that users continue to ignore good password hygiene -- except in maybe one instance.
Only 19 percent of users created unique passwords for all their accounts, according to the survey of 520 full-time employees at organizations with 250 or more employees in a number of industries.
However, when it came to their personal banking accounts, 78 percent of the respondents said they used a unique password there.
Despite the apparent concern users have over their personal finances, there seems to be little change in their general attitude toward password hygiene.
"Weak and stolen credentials is still one of the most common threat vectors used by the bad guys," said Mike Reagan, chief marketing officer at LogRhythm.
In addition to finding 81 percent of participants reused passwords in one way or another, the survey found that 79 percent of the respondents changed their passwords less frequently than once per month.
"The reality is that credentials are going to be stolen. The question is, what is the value of a credential to a bad actor?" Reagan said.
"The value of a stolen password drops precipitously when a person frequently changes passwords," he continued. "If I'm changing my password every 15 days, I'm really limiting the value of my stolen credentials."
The watch has another benefit for the overseers of enterprise security.
With User, an enterprise can remove the need for user names, passwords, physical IDs and badges, and replace them with a software key that can reside on a smartphone or the Apple Watch.
"That can be a transformational and important application for the enterprise, because it rids it of one of the real weaknesses in enterprise security," said Paul Zolfaghari, president of MicroStrategy.
"What the watch does is give Usher one more level of convenience," he told TechNewsWorld.
Actually, the watch may be better suited for authentication than a phone.
"The watch is designed for short interactions," Zolfaghari explained. "A short but important interaction is the transaction that takes place when somebody is being granted authorization to do something."
I hope this article helps a lot... SHARE WITH YOUR FRIENDS
FOR BLOGGERS 
Post a Comment