Angelo Gajo | October 30, 2019 | 5 minutes
Organisations that breach the trust of its customers by losing control of their data in cyberattacks are now looking to find better ways to protect their data and their reputations. In a previous blog, we mentioned the Essential Eight cyberattack mitigation strategies and how multifactor authentication is a critical part of protecting organisations from the ever-increasing threat of cyberattacks. While voice biometrics is an excellent technology for an improved multifactor authentication, voice biometrics also addresses another part of the essential eights which is to “restrict administrative privileges”.
The Essential Eights as listed by the Australian Cyber Security Centre
Administrative privileges are the ability to access and make changes in a system. If this privilege is not restricted, the organisation is exposed to increased risks. These risks can include data breaches and cyberattacks, two of the top five risks affecting businesses worldwide as identified by the World Economic Forum. These types of risks can greatly affect the customers trust in organisations. External and internal fraudsters can gain access to certain accounts which may have unnecessary administrative privileges. The repercussions of these incidents can lead to huge losses in money and customer trust. In the 2019 Cost of a Data Breach report by IBM, the average total cost of a data breach globally was USD 3.9 million (USD 8.2 million in the United States, USD 4.8 million in Germany, USD 4.4 million in Canada, USD 3.9 million in United Kingdom, USD 2.1 million in Australia and USD 1.8 million in India). If security officials don’t take their and their customers’ data and privacy seriously, organisations will significantly risk losing millions.
So how does voice biometrics help restrict administrative privileges? Voice biometrics can be implemented as a verification tool when assigning administrative privileges or providing system access. For example, admins would need to verify their identity via voice first before assigning administrative privileges to other users. Conversely, admins can also assign certain administrative privileges to specific voiceprints only. This means that if a fraudster manages to take over an admin user’s account, they would still need the right voice to perform administrative tasks.
Voiceprints can also be deleted anytime or have set expiry duration to provide temporary administrative privileges. This ensures high-level security and privacy, protecting invaluable data from fraudsters. Users would need to verify their identity via voice before they can revalidate their need for administrative privileges.
Voice biometrics is effective because it is different from traditional methods such as passwords, PINs or knowledge-based security questions. Voice biometric solutions using ArmorVox can prevent fraudsters using recorded, mimicked or artificially generated voices to successfully trick the system. With voice biometrics providing a unique non-repudiable digital signature, an organisation can easily analyse the data and identify who gained access, at what time, with what device. It can also be used to identify any fraudster attempting to break into an organisation’s system by trying to gain access to administrative privileges.These features help lessen the prevalence of cyberattacks.
With Auraya’s voice biometrics technology, organisations can implement voice biometrics in any telephony or digital channel, whether it’s on-premise or cloud-based. Additionally, with OpenID Connect 1.0 integrated into Auraya’s voice biometrics technology, restricting administrative privileges through portal or website access is highly secure. Using traditional methods such as passwords as your only line of defence for accounts with administrative privileges is simply not enough. It’s time for organisations to value their customer data and privacy and protect it from both external and internal fraudsters.