This article was written by Robert Mungovan, Chief Commercial Officer for Aware as part of the Information Security Insight Jam 2021.
Remote and or hybrid work is here to stay, especially in the wake of the COVID-19 pandemic. Instead of exclusively working in office buildings, many employees are increasingly logging onto their computers from home. Many have become completely remote as well; only occasionally stepping into their company’s physical office.
Workers are enjoying the convenience and flexibility of this trend as it allows them to avoid commuting time, save money, and spend more quality time with loved ones. Remote working also allows workers to be employed by companies who are not located nearby, opening up more doors than ever for employment.
But while this trend toward remote work is mostly a positive for employees, employers are often faced with a number of significant challenges. Not least of which is onboarding, the process by which newly hired employees have their identities verified and are brought onto the company’s secure internal system. This process has traditionally always been an in-person one, requiring new employees to travel to a physical office to meet someone face-to-face, provide identity documents, and fill out paperwork.
The trend toward remote work has been a challenge for Human Resource (HR) professionals to address, leaving them wondering how best to bring on new remote employees securely without unwanted inconvenience. There is technology that can help companies onboard new remote employees conveniently without a sacrifice in security, and that technology is biometrics.
The Benefits of Biometrics for Remote Onboarding
What are biometrics? Biometrics use a person’s unique physical characteristics—such as their face, voice or fingerprint—which can be used to verify that person’s identity and permit access to an account or platform. They essentially do what passwords do—protect our most sensitive accounts and information—but with a much greater level of security. Because biometric sensors are available on mobile phones; usage of special hardware is not required. Biometrics are also highly convenient, allowing users to perform facial authentication or speaker recognition via a smartphone or mobile device.
These traits make them ideal for HR associates tasked with onboarding remote employees. Instead of requiring new hires to travel into the office, HR can meet with these employees virtually over a computer or smartphone. They can then record a person’s physical characteristics with a process as simple as taking a few “selfies,” and then match them to images of their identity documents taken using the same software.
By allowing new hires to upload images of their identity documents remotely, and then match those images to the selfies taken, companies can establish a strong identity baseline for employees unable to visit a physical office. Not only that, it allows employees to be subsequently authorized to access the company’s network via a selfie or simple voice prompt, instead of a cumbersome, easily forgettable password. With biometric system access, remote employees can log into their computers quickly, giving them the ability to begin their work faster, and with greater security to boot.
The Contemporary Challenges of Access Security
When it comes to access security today, many companies are still engaging in risky security practices. Passwords continue to be a challenge for both users and companies, with over 39% of users admitting to reusing passwords across workplace accounts. Additionally, the adoption of stronger, two-factor authentication methods is less than ideal, with less than half of companies requiring these additional security measures of their employers.
To make matters more challenging, hackers have been targeting remote workers more and more. Since the rise in remote work resulting from COVID-19, there has been a 270% increase in social engineering attacks on remote workers, all of which are designed to steal or determine a worker’s password for access to their company’s network. There has also been a 51% increase in phishing attempts against remote workers in 2021 alone, all of which are designed to achieve the same end.
The common thread here is that passwords are increasingly fraud-prone, and present a serious security risk for companies relying on them to provide their remote workers with convenient access to their networks. But it doesn’t stop there. Passwords are also generating increased fatigue among users who on average end up reusing them up to 14 times each. By reusing the same password multiple times over multiple accounts, people are potentially giving hackers access to a much larger digital portfolio. Hackers can then simply use the same password to access multiple accounts.
Problems with passwords also account for a great deal of lost employee productivity. Employees spend an average of 10.9 hours every year entering or resetting passwords. This amounts to an average productivity loss of $5.2 million annually for every company. With such productivity loss, coupled with poor security and a high level of inconvenience, both employers and employees are growing increasingly tired of passwords as an authentication method.
Biometrics for Secure, Convenient Remote Onboarding and Access Security
To address both the challenges of remote onboarding and access security, employers should look closely at biometrics as a strong authentication alternative to contemporary methods. People today are far more accustomed to facial authentication and other biometric technology than ever before and are increasingly frustrated with the poor security and convenience of passwords. Biometrics are mobile, flexible and fast, and provide organizations with a wide array of benefits across virtually any use case.
Much has been made about the “death of the password.” And while this fate is deserved, passwords still make up the great majority of contemporary authentication methods, opening the door to criminal activity and fraud, and losses in both assets and productivity. Biometrics provide organizations with a way to bring strong, positive change in the authentication space, while simultaneously enabling a much more secure, convenient means of onboarding remote employees and providing them access to sensitive content.