Menu
Baby steps closer to authentication that doesn't rely on passwords
When a company claims that one of its trade secrets has been violated, the courts require that the company prove it took steps to secure the information from unauthorized use. When Wayman Fire Protection attempted to demonstrate that it met the security-measures threshold by password-protecting the documents it claim were trade secrets, the court ruled "Uh-uh."
An August 22, 2014, article on the JDSupra Business Advisor site attributed to Quinn Emanuel Urquhart & Sullivan, LLP, states that the Delaware Court of Chancery ruled against the company, finding that in this case, password-protection alone was insufficient to maintain trade-secret status. The two documents in question were taken from the company's Salesforce.com account.
A former Wayman employee had copied files from the account along with others on his backup drive and then shared them with his new employer, a Wayman competitor. After losing a bid to the competitor, Wayman sued the company, which conceded liability on several issues. However, the court ruled against Wayman on its claim of misappropriation of trade secrets. Simply applying a password isn't enough to indicate that the information is considered a trade secret.
So courts are starting to recognize that passwords aren't a particularly secure way to secure sensitive information. Maybe this will help organizations decide to give passwords the boot as their primary means of authenticating their employees and customers. Alternate authentication technologies are available that put passwords to shame.
The most recent example of biometric authentication going mainstream is the eyeball selfie. As Sarah Buhr explains in an August 20, 2014, article on Tech Crunch, EyeVerify has garnered some big-name backers for its ID-verification technology based on the blood vessels in your eyeball. Just hold your phone eight inches from your eye, take a picture, and EyeVerify matches the blood vessel pattern with the image it has on file for you.
Eyeball selfies offer advantages over competing biometric authentication methods: they're more difficult to defeat than fingerprint readers and more accurate than voice recognizers, according to the experts. To my way of thinking, we're getting very close to ABP (anything but passwords).
An August 22, 2014, article on the JDSupra Business Advisor site attributed to Quinn Emanuel Urquhart & Sullivan, LLP, states that the Delaware Court of Chancery ruled against the company, finding that in this case, password-protection alone was insufficient to maintain trade-secret status. The two documents in question were taken from the company's Salesforce.com account.
A former Wayman employee had copied files from the account along with others on his backup drive and then shared them with his new employer, a Wayman competitor. After losing a bid to the competitor, Wayman sued the company, which conceded liability on several issues. However, the court ruled against Wayman on its claim of misappropriation of trade secrets. Simply applying a password isn't enough to indicate that the information is considered a trade secret.
So courts are starting to recognize that passwords aren't a particularly secure way to secure sensitive information. Maybe this will help organizations decide to give passwords the boot as their primary means of authenticating their employees and customers. Alternate authentication technologies are available that put passwords to shame.
The most recent example of biometric authentication going mainstream is the eyeball selfie. As Sarah Buhr explains in an August 20, 2014, article on Tech Crunch, EyeVerify has garnered some big-name backers for its ID-verification technology based on the blood vessels in your eyeball. Just hold your phone eight inches from your eye, take a picture, and EyeVerify matches the blood vessel pattern with the image it has on file for you.
Eyeball selfies offer advantages over competing biometric authentication methods: they're more difficult to defeat than fingerprint readers and more accurate than voice recognizers, according to the experts. To my way of thinking, we're getting very close to ABP (anything but passwords).