By the end of 2014, a flurry of new smartphones will be equipped with biometric technology, including fingerprint recognition technology. In September, Apple introduced the iPhone 5s, which includes a fingerprint reader as part of its efforts to strengthen the security of the device. Thanks in part to Apple’s influence on other smartphone manufacturers, fingerprint sensors are expected to become standard in most high-end smart mobile devices by 2015, according to a report
by Goode Intelligence. This leaves the question; what does biometric security mean for enterprise mobility management
Biometric security is also becoming a big draw with consumers – and employees. According to a recent poll
of 100,000 people by Ericsson, 52% of mobile users want to use their fingerprints for secure identification instead of a combination of alphanumeric characters.
Biometric security brings with it some interesting challenges for IT managers who have to manage mobile application security
. Will enterprise apps
and data be protected if an employee loses their smartphone or has it stolen? How vulnerable are the biometric security levels on specific devices to hackers and other intruders? Meanwhile, if an employee downloads an application that contains malware, how difficult is it for corporate IT to remotely protect or remove proprietary data or apps that are stored on the device?
As a starting point, companies can effectively mitigate any risks posed by the use of devices with biometric security capabilities by establishing bring your own device (BYOD)
policies. Such policies can clearly define which employees are eligible to participate in enterprise mobility programs, the types of devices that are supported, and the business units or functional areas (HR, finance) that are supported. BYOD policies should also include a standard set of procedures for those instances where devices are lost, stolen, or data and apps are otherwise compromised.
Another effective approach that can be included with BYOD policies is the use of app wrapping
to wrap corporate apps and data at the application level instead of at the device level. This is a more effective and user-friendly approach to other techniques such as containerizing enterprise apps since it doesn't compromise the user experience. Benefits to app wrapping include providing IT with outstanding administrative control over corporate apps and data by wrapping an existing app without the need to recompile or change software code. By utilizing this approach, enterprise mobile apps can be centrally managed using an effective mobile application management