Biometrics in the physical and virtual workplace

The office is not the place it once was. Once upon a time, employees went to the same building every day and sat at the same desk. It was easier to control access, monitor people, and maintain security. But the workplace has changed. Today, it is more likely that employees hotdesk, are allowed entry to specific areas only at certain times, and access sensitive documents on their laptops remotely. Biometrics in the workplace now involves incorporating biometric technology in both physical and virtual spaces.

What is biometrics? 

Biometrics is the method of identifying an individual based on their physical or behavioural characteristics. Examples of biometrics include iris and retina scanning, fingerprint identification, and facial recognition.

Biometrics in the physical workplace

Despite the obvious security problems with keys, they are still used for the majority of door security. And even technological solutions including card and pin numbers are vulnerable to the same security issues as keys. If they are lost or stolen, the whole building’s security can be compromised. 

Including a biometric element to access control systems can prevent these risks. No one misplaces their hands, so fingerprint sensor pads make lost cards a thing of the past. Security can be increased even further by adding multiple layers of biometric authentication. For example, facial recognition could be used in addition to fingerprint sensors. This has the additional benefit of providing a more seamless experience by reducing the false rejection rate.

However, some companies are, understandably, focused on best hygiene practices and no longer have the appetite for touching shared sensors. Biometric mobile phone access control systems, for example, remove this need. In workplaces such as laboratories or hospitals, this is particularly useful. These settings require strict access control to certain areas, and there is also benefit from not having to touch physical sensors.

In the traditional workplace, biometric technology enables smarter and more secure access control to doors while improving user experience. Also, because of flexible working, many buildings run hotdesks, so using biometrics helps to simplify access to personalised settings when colleagues share computers, for example. Additionally, it allows employees to access shared devices such as coffee machines and printers. 

Future applications of biometrics may even allow employees to personalise their environments, including setting their personal preferences on the coffee machine or programming their preferred room temperature

Biometrics in the virtual workplace

Nowadays, being in ‘the office’ is shorthand for being connected to the internet and working anywhere with your laptop. While there are far more benefits than drawbacks to this model, there are certain security challenges.

• Lost or stolen corporate laptops or mobile devices
• Use of unsecured WIFI networks
• Compromised pins and passwords

Fortunately, to strengthen corporate security measures for employees working remotely, companies now use biometrics for mobile credential authentication as the technology only allows authorised users to access devices. Biometric information is difficult to steal or intimidate. But even if credentials were stolen or devices lost, there would be less chance of a security breach as it would be hard to mount a scalable attack.

Biometrics can help with the password problem

One unwanted consequence of the digitalisation of life is that we have to remember a large number of passwords due to the numerous software programmes, applications, cloud-based services, and shared VPN drives employees access daily. This can easily lead to employees forgetting passwords—Microsoft spends USD$12 million a month on forgotten passwords. 

And passwords are also a security issue as many of us use the same one across our personal and work accounts—or a slight variation of the main password. Although understandable, this is a huge security risk that is responsible for the majority of corporate data breaches.

Passwords promote sloppy security and businesses are suffering, causing them to consider biometric solutions more seriously. Apple is transitioning to passwordless devices using biometric ‘Passkeys’, and every company can secure their devices with similar biometric technology. Not only is this safer, but it also has the potential to make employees more productive. Eleven hours a year are lost due to password-related time wasting. 

Companies could request biometric authentication through apps on the employees’ smartphones, which is a simple way of increasing security and providing an improved user experience. Over three-quarters of smartphones have biometric capabilities, and employees accessing these features on their own phones can improve corporate security at a relatively low investment cost.  

The main concern: storing sensitive data securely

Storing biometric data and keeping it safe is a huge concern for companies as this data is categorised in the higher-risk category of personal data—and there are UK GDPR implications. Storing biometric data securely is paramount as not doing so exposes your organization to unnecessary risks.

Biometric data can be stored on a portable device, a smart card, for example. These are generally not vulnerable to network-related attacks, and users feel as if they are in control of their own data. However, this solution can be costly, and cards can still be lost or stolen.

Alternatively, companies could create a centralised biometric database—a cheaper option, but storing everything in one repository does present risks for a company. However, if the data centre is securely protected from external factors, this method could be preferable for companies with a remote workforce.

Conclusion

Companies face challenges resulting from the changing and decentralised workplace. However, biometrics can help to secure the modern office—be it physical or virtual—and provide greater employee flexibility over how, when, and where they work.

But companies don’t need to worry that they suddenly have to replace their entire system. Biometric solutions can be added progressively; adding them to existing security increases security without compromising user experience. Biometric cards, for example, can easily replace standard access cards relatively cheaply without causing friction.