Preventing Costly Data Breaches Requires a Robust Physical and Digital Security Posture

Independent market research firm Vanson Bourne recently conducted a study querying 1,000 senior IT decision-makers across the US and EMEA regarding their organizations’ security policies for reducing and preventing data breaches. The study revealed that 46 percent of respondents had experienced a data breach as a direct consequence of an unsecured device. As workers become increasingly mobile due to hybrid or remote working practices, the security risks of losing devices or data increase dramatically, exposing companies to potentially damaging financial and legal consequences.

Physical and Digital Security Deliver Robust Protection Against Data Theft

Protecting against the theft of valuable company data requires both positive control over work devices (i.e., laptops, desktops, tablets, and smartphones) and the ability to deny access to the data by unauthorized individuals or entities. A stolen laptop does not just result in the loss of hardware; it opens up the possibility of a data breach. Cable locks protect corporate assets and sensitive data from being compromised by providing an effective visual and physical deterrent against the theft of devices in offices and public spaces such as coffee shops and airports.

However, a robust physical security protocol is not a foolproof solution for preventing data theft. The Vanson Bourne study found that 38 percent of participants who reported using security locks experienced a data breach or loss of sensitive data due to an unsecured device.

Organizations are increasingly combining physical security and digital authentication methods to ensure the security of corporate devices and the data accessible through them. Digital security is no longer as simple as creating strong passwords and changing them regularly. Technologies such as biometrics, hardware- or token-based authentication, and zero-trust principles are key to providing robust protection against data breaches and theft.

Digital authentication methods include Touch ID, MFA tokens or security keys, and push-based apps that provide one-time passwords (OTPs) or codes to log in. For instance, Windows Hello and Hello for Business integrate with hardware keys, such as Kensington’s VeriMark™, to bridge the gap between physical and digital security. These solutions require both a unique key to be connected to the device and a fingerprint swipe to log in to the device.

Even with strong physical security and digital authentication protocols in place, visual hacking remains a significant threat, especially in public places. Privacy screens significantly narrow the viewing angles of laptops, monitors, and mobile devices to reduce the risk of unauthorized viewing and protect sensitive information. The use of privacy screens as a physical security measure can prevent data leaks when working in open spaces, ensure compliance with data privacy laws, and reduce visual distractions while working.

Biometrics are the Future of Data Security

Biometrics is gaining popularity due to its high accuracy and convenience, eliminating the need for complex passwords and allowing devices to be accessed using an individual user’s unique physical or behavioral characteristics. Facial recognition and fingerprint scanning are becoming standard authentication methods, making it easier and more secure for users to access their devices and data.

Device manufacturers have incorporated biometric authentication technology as a native security component of their operating systems. For instance, the goal of Microsoft Windows Hello is to reduce reliance on passwords, which are the weakest link in cybersecurity. macOS devices use Touch ID to provide secure fingerprint authentication on MacBooks, iPhones, and iPads, and Face ID, which is an advanced facial recognition technology powered by Apple’s TrueDepth camera system. ChromeOS devices utilize security key integration for multi-factor authentication (MFA) with online services and apps.

At the enterprise level, many companies are deploying Windows Hello for Business to provide a passwordless, phishing-resistant authentication experience for their employees. Using this authentication protocol enables users to log in quickly with a touch or glance and enhances data security by eliminating the phishing risks tied to passwords. In addition to eliminating passwords through the use of biometrics or FIDO security keys, Windows Hello for Business integrates seamlessly with corporate security policies and provides an audit trail of logins.

The Rise of Security Keys (FIDO2, U2F, and Beyond)

Unlike traditional passwords and SMS-based two-factor authentication (2FA), hardware-based authentication provides virtually unphishable security by relying on factors that make it difficult to compromise remotely. Universal 2nd Factor (U2F) uses physical USB or NFC devices in addition to a password to provide strong but simple user authentication. Security keys, like Kensington’s VeriMark™, integrate biometric authentication and hardware security to provide enhanced protection.

Companies like Microsoft, Google, and Apple are pushing to replace legacy authentication with security keys that support passwordless standards and applications like FIDO2 and WebAuthn, which use more secure methods like passkeys and hardware security keys. Upcoming technologies like FIDO2.1 will further enhance security, providing enterprise-level authentication and integration with more online service applications. The adoption of security keys as a vital component of MFA will continue to grow as businesses face the ever-increasing threat of data theft and breaches caused by remote work, along with the need to provide privileged access to systems and protect high-risk accounts.

Industry Trends Shaping the Future

  • Passwordless Authentication: Given the inherent vulnerabilities and IT-related challenges of traditional password systems for authentication, passwordless authentication will continue to grow in adoption across government, enterprise, and consumer devices.
  • Zero-Trust Security: Organizations are moving toward a “never trust, always verify” approach that prioritizes strong authentication methods. In a Zero-Trust environment, trust by default is replaced by continuous verification and authorization for every access.
  • AI and Security: Advances in machine learning and AI-driven biometric authentication will further enhance security to detect spoofing attempts and deepfake threats.
  • Regulatory Compliance: Global regulations will continue pushing companies toward passwordless authentication.

About the Author

Santiago Del Portillo is the Senior Manager of Tech Support and Systems Engineering at Kensington. With over 10 years of experience in technical sales and engineering, Santiago has been a key player in the security industry. He joined Kensington seven years ago and has since performed various roles, including Security Category Marketing Manager, Sales Engineer, and Tech Support Manager. Santiago’s extensive expertise and dedication to advancing security solutions have made him a trusted authority in the field. Santiago can be reached online at [email protected] and at our company website https://www.kensington.com