There are numerous reasons, starting with the understanding that a phone, although a convenient answer, is not a secure answer. 1) In the vast-majority of cases, phones are owned by the user and not the enterprise; 2) The user controls the loading of biometrics on the device; 3) Multiple biometrics can be loaded/changed on the device by the user; 4) Phones still utilize a back-door PIN code for access that can be shared/stolen; 5) Phones are always connected (Wi-Fi or Cellular) and thereby discoverable by bad actors; 6) Phones have innumerable other applications within them, allowing malware and back-door access to the device; 7) Phones aren’t allowed in most enterprises secure environments, call centers and other critical areas; 8) Imagine the number of different types of phones within an enterprise, all with potentially different levels of operating systems. What would the help-desk burden be to manage access control issues across so many different versions?
Menu