Story image

Biometrics vs passwords: How the generation gap is shaping workplace security

30 Jan 18

Millennials are moving beyond the world of passwords and quickly embracing biometrics, leaving the older generations to continue carrying the password tradition, according to IBM Security’s Future of Identity Study.

75% of millennials are comfortable using biometrics, however fewer than half are using complex passwords and 41% reuse passwords. 34% use a password manager.

On average, those aged 55 and older use 12 passwords, however only 17% use a password manager. It is not clear from the study how people remember their passwords.

Millennials are also more likely to enable two-factor authentication after a breach (32%), compared to 28% of the general population.

IBM Security says that as younger employees dominate the workforce, organisations must be ready to adapt to the kinds of new technologies those employees bring in.

This could mean an allowance for increased use of mobile devices as the primary authentication device and integrating biometrics or tokens in place of passwords.

Asia Pacific respondents were the most open to biometric technologies. 78% are comfortable using biometrics today, compared to 65% of those in the European Union and 57% in the United States.

Fingerprint biometric technology is perceived as the most secure authentication method amongst all respondents (44%), followed by passwords (27%) and PINS (12%).

US respondents seem to be shunning the use of biometrics – 23% said they aren’t interested, which is almost double the global average.

“In the wake of countless data breaches of highly sensitive personal data, there’s no longer any doubt that the very information we’ve used to prove our identities online in the past is now a shared secret in the hands of hackers,” comments IBM Security A/NZ CTO Chris Hockings.

 “As consumers are acknowledging the inadequacy of passwords and placing increased priority on security, the time is ripe to adopt more advanced methods that prove identity on multiple levels and can be adapted based on behaviour and risk.”

Overall, security is now more important than the convenience factor – particularly as part of financial applications.

On average, 70% of all respondents rank security as the top priority for banking, investment and budgeting apps. 16% believe privacy is most important and 14% say convenience is most important.

Security also featured as a top priority for email, online marketplaces and workplace applications, however it is not so important for social media applications.

IBM Security says that organisations should recognise these preferences when choosing security solutions. Identity platforms that provide choices for multiple authentication options are able to provide flexibility and security.

The company also says that organisations can balance security and convenience by using risk-based processes that trigger additional security measures in certain situations, such as if an IP, device or location signal abnormal activity.

The 15-minute online survey totalled responses from 3,977 adults across the United States (U.S.), European Union (EU) and Asia-Pacific (APAC) regions, including:

•   APAC: 997 respondents (Australia, India, Singapore)

•   U.S.: 1,976 respondents

•   EU: 1,004 respondents (United Kingdom, France, Italy, Germany, Spain)

Symantec releases neural network-integrated USB scanning station
Symantec Industrial Control System Protection Neural helps defend against USB-borne cyber attacks on operational technology.
SingleSource scores R&D grant to explore digital identity over blockchain
Callaghan Innovation has awarded a $318,000 R&D grant to Auckland-based firm SingleSource, a company that applies risk scoring to digital identity.
Ramping up security with next-gen firewalls
The classic firewall lacked the ability to distinguish between different kinds of web traffic.
Spark Lab launches free cybersecurity tool for SMBs
Spark Lab has launched a new tool that it hopes will help New Zealand’s small businesses understand their cybersecurity risks.
Gartner names LogRhythm leader in SIEM solutions
Security teams increasingly need end-to-end SIEM solutions with native options for host- and network-level monitoring.
Cylance makes APIs available in endpoint detection offering
Extensive APIs enable security teams to more efficiently view, enrich, and contextualise real-time intelligence collected at the endpoint to keep systems secure.
SolarWinds adds SDN monitoring support to network management portfolio
SolarWinds announced a broad refresh to its network management portfolio, as well as key enhancements to the Orion Platform. 
JASK prepares for global rollout of their AI-powered ASOC platform
The JASK ASOC platform automates alert investigations, supposedly freeing the SOC analyst to do what machines can’t.