By Mohammed Murad

A recent survey by a leading computer security and encryption provider found two-thirds of global small and mid-sized business had suffered a cyberattack within the past 12 months. That’s scary. But what may be even more frightening is that U.S. businesses report their attacks are almost twice as likely to come from a company insider as opposed to an external hacker.

Despite widely publicized attacks on enterprise organizations, such as Target and Equifax, most SMBs remain unprepared to protect their sensitive data. Nearly half of those surveyed labeled their company’s IT efforts ineffective and four in 10 said they don’t have any incident plan in place.

We need to educate SMB IT professionals on ways they can protect against cyber criminals. One way to stop insider attacks is through the use of end-to-end solutions using biometric authentication to protect both the physical and the logical sides of security. While this concept may have started with government and private enterprise organizations, there’s no reason it can’t be as effective at the SMB level. The concept is simple: tightly control who enters company facilities and who has access to the network.

Current efforts rely heavily on the use of easily hacked proximity access control cards for building entry. Some more forward-looking organizations are using personal identification verification (PIV) cards including smart chips with employee photos, fingerprints, PINs and other identifying details. But cards and PINs can be stolen or lent, and fingerprints can be spoofed or provide inaccurate results. This is where iris recognition can make a big difference.  Recently, the FBI also recommended the utilization of multifactor authentication to eliminate security risks at workstations.

Here’s how it can work. As employees arrives at a building entry, they use their access card then take a second to look into an iris reader. If all the data matches, the door opens. Inside, the same system can integrate with elevators and office doors. Finally, a one more iris reader at workstations ensures only the proper person can access the computer and its data. There is also no doubt about who has used the system.

Passwords, long a security weak spot, are eliminated. Employee credentials are easier to manage and security is improved. SMB organizations can even add time and attendance software to the system to make computing payroll more convenient.

The effectiveness of iris recognition systems has been proven in office buildings, airports and border crossings. Mobile units have been successfully used in the field. Iris ID technology is the world leader in iris-based authentication systems. Our systems integrate seamlessly with nearly all leading access control platforms.

This Iris ID end-to-end plan offers enhanced security. It ensures only approved employees can enter facilities and access company computers. It also makes it clear who has used workstations, making potential hackers think again before launching an internal attack.

It’s time for small to mid-size businesses to take control of their total security needs and fight back against those who would jeopardize a company’s reputation and financial well-being.

(Mohammed Murad is vice president, global sales and business development, Iris ID.)