Continued growth in the use of mobile devices and applications in the workplace, along with increased business-related usage of the internet of things (IoT), will open up a gaping new vector for cybercrime growth in the coming year—leading to new thinking on identity management.
That’s according to Unisys Corp, which predicts that 2015 will see the public demanding new ways to protect their online identities. This is partially motivated by the seemingly never-ending litany of highly publicized data breaches involving the personal data of millions of US consumers. But, as mobile devices are used for IoT applications such as remote control of household appliances, health monitoring devices and hotel room keys, the need to verify the identities of mobile device users will become even more urgent.
"In 2015, the trend will morph from BYOD (bring your own device) to BYOID (bring your own identity)," said Terry Hartmann, vice president of security solutions and industry applications at Unisys, in a statement. "Consumers need a central gateway device that belongs to them and is associated with their unique identities."
The introduction of mobile payment solutions like Apple Pay has begun to address this need for stronger online security protection.
"Given that most consumers already have such a device, authentication will move from the back end of transactions to the front end – the consumer's device," Hartmann added. "Increasingly, users' identities will be authenticated through ID codes, IP addresses and tools such as biometric readers built into smartphones. Meanwhile, the back end will serve as an ecosystem for risk assessment."
Unisys experts also predicted that despite payment card data compromises at major retailers, US consumers, retailers and financial institutions will not readily embrace the use of chip-embedded credit cards requiring users to enter personal identification numbers when making a transaction.
"Rather, I can see consumers and retailers rapidly adopting solutions like Apple Pay because they are quicker and easier to use than a credit card," said Dave Frymier, vice president and chief information security officer at Unisys. "This also will save consumers the trouble of replacing lost credit cards. If a phone is lost, you can simply disable the phone and revoke the credentials stored on it."
As computing platforms proliferate, data that had previously been split up and partitioned among physical infrastructure will converge in the cloud, making it more difficult for security professionals to isolate and protect their most critical data and systems. Accordingly, Unisys security experts predicted increased use in 2015 of security analytics and data forensics tools within businesses to combat cybercriminals. Such tools can detect and respond to unusual behavior on the network, allowing organizations to respond to and recover from cyber-attacks faster.
Encrypted communities of interest can also help address this problem.
"Cybersecurity problems will continue to exist because technology is changing at a faster rate than organizations can put security measures in place," Frymier said. "As devices and items such as cars and home appliances are connected to the Internet, they present more opportunities for the bad guys to get to consumers' private data and even into their homes. For better or worse, the cyber-world is changing faster than the security models used by most organizations, and that will continue to leave us vulnerable to cyber-criminals."