Precise Biometrics' Tactivo adds to the BYOD possibilities with biometrics and government ID card authentication.
The advancement of smart phones and the government's increasing embrace of “bring your own device” policies are turning cell phones into network clients. In fact, a recent user survey found that when all data service uses were combined, they easily outpace talk time as the primary use for phones.
It's easy to make the case these days that mobile devices are really just tiny enterprise clients, but they are more than that, because they leave the building on a regular basis, increasing their risk factor exponentially. Thieves and hackers are getting more sophisticated in their quest to exploit government and private data.
While desktops and workstations have the advantage of robust physical security to keep fraudsters from tapping into the enterprise, a smart phone offering that same window into an agency's network walks out the door each evening.
The problem is that most smart phones are designed for consumer use, often without rigid security. They might have a password requirement, though I've tested forensic devices that can crack those in short order.
It's getting to the point where a phone used for BYOD in government service really should have biometric security. But what if that limits the choice of cell phone or tablet? If workers want to use their Apple iPads at the office, can anything that can be done?
As a matter of fact, yes. We've actually found good results with add-on products that can greatly improve security. The latest entry into this realm is from Precise Biometrics. The company has created the Tactivo case, which adds both a smart card and a fingerprint reader to iOS devices.
Tactivo has both GSA Schedule approval and FIPS 201 certification — it supports Common Access Card, Personal Identity Verification, PIV-I and Transportation Worker Identification Credential cards. That means that by installing one device, a non-secure iPad could suddenly support two-factor authentication, such as a fingerprint and a government card swipe for access. If a password is used, then it's triple authentication that is required before the device even hits network security.
"This latest GSA approval of Tactivo for iPad is pivotal to our ongoing rollout and delivery of mobile authentication solutions for federal agencies," said Thomas Marschall, the company’s CEO and president.
Tactivo for iPad (4th Generation) can now be found on the GSA Approved Product List, designating the transparent smart card reader compliant with all FIPS 201 mandates and OMB Memorandum 11-11.
A true BYOD program requires that employees be able to choose whatever device they feel comfortable working with, but government agencies also need to be a little more heavy-handed because of security needs. Devices like the Tactivo can help agencies balance the two.
NEXT STORY: Encrypting data in the cloud: Whose job is it?