Your workers have long struggled with password management, making them a target for bad actors. But Apple's offering a new solution that could help with those pesky passwords--and strengthen your business's overall cybersecurity posture.
Unveiled at Apple's June developer conference, Apple's new passkey relies on biometric identification systems (think Touch ID or Face ID) to authenticate a special digital code. Apple devices create a unique public-private pair of keys for a given account, similar to the end-to-end encryption used with services like iMessage. Passkeys sync across devices through Apple's iCloud Keychain, which stores everything from credit cards to usernames to, you guessed it, passwords.
So rather than typing out a given password, users would use their passkey and biometric authentication to access their accounts. Apple says that it's a replacement for the password--one that's more secure, efficient, and convenient.
Many lauded the announcement, with some even saying that Apple's passkey could be the death of the password.
But a password-less future is not necessarily the case ... at least for now.
Though we may be moving toward a password-less world, NordPass's Gerald Kasulis, the vice president of business operations for North America at the digital security company, doesn't anticipate a password cemetery in the near future.
"Because of the legacy applications and integrations into small or even big companies, I don't think a complete password-less environment will be around anytime soon," Kasulis says.
Still, small businesses could use help in the password department--especially as cybersecurity risks continue to rise. The number of ransomware attacks spiked by a third in the past year, research from the Boston-based cybersecurity company Cybereason shows. Remember that a single compromised password was sufficient to launch the Colonial Pipeline cyberattack, which fueled widespread gas shortages across the East Coast last year.
But before rushing to adopt passkeys, small businesses should first understand the strength of their biometric capabilities, says Alon Nachmany, chief information security officer at AppViewX, a New York City-based software company. He adds that it's important to invest the time to understand how passkeys work and what happens if their personal devices are unlocked or compromised, as a business would when adopting any other new technology.
"This announcement has the potential to be a cybersecurity game changer for SMBs that normally don't have the funds and resources to have enterprise-level security protocols and processes," Nachmany says, adding that it'll reduce phishing attacks since there's no password to be compromised.