Your skin gets you in.Passwords are passe pas·sé adj. 1. No longer current or in fashion; out-of-date. 2. Past the prime; faded or aged. [French, past participle of passer, to pass, from Old French; see ; biometrics is in It seems like science fiction or something from Mission: Impossible: put your finger in a device for a scan, show your face to a camera, peer into a box that reads your retina, or recite your name to a listening device, and doors--both physical and virtual--open to you. Few companies restrict physical entrances with biometric devices, but certain technologies, such as finger scanning Noun 1. finger scanning - biometric identification by automatically scanning a person's fingerprints electronically finger scan biometric authentication, biometric identification, identity verification - the automatic identification of living individuals by , are gaining ground as guardians of data. Are they right move for your business? WHERE THREAT RESIDES The 21st century enterprise pays some high-tech attention to thwarting data thieves--mainly those who would chip away at the corporate firewall from the outside. However, the inside thief is often the biggest problem. While network administrators shore up firewalls and apply security patches to keep out hordes of crackers, vandals, spies, and thieves, unauthorized access to data happens within organizations--often through poorly implemented password policies. Passwords are a great idea in theory--and they often work well in conjunction with other solutions, such as encryption and dial-backs from the host computer being called. But the dilemma with passwords is this: If they're easy to remember, they're easy to crack; if they're difficult to remember, users usually write them on Post-it notes, inside dictionaries, on phone books, or inside keyboard trays, where anyone can easily find them. And when employees are on the road, the threat increases exponentially. "People need to consider the value of their data, especially when traveling with it," says Jack Smith, a security analyst for the U.S. Department of Energy's Computer Incident Advisory Capability See CIAC. (CIAC (Computer Incident Advisory Capability) A group within the U.S. Department of Energy (DoE) that serves as the department's CERT and makes its bulletins and documents available to the public. For more information, visit www.ciac.org/ciac. ) team. "Consider how many business travelers walk off and leave their computers in their hotel rooms." Corporate spies don't want you to know they've stolen information, so you may not even be aware that the system locked "safely" on the hotel room desk and guarded with a biometric device has given up all its secrets through a quick removal and copy of its hard drive. ENTER: BIOMETRICS The fingerprint ID system U.are.U by Digital Persona Digital Persona (DP) is the electronic representation, an information model, of an individual's public personality based on and maintained by transactions or secondary information, and is intended for use as a proxy for the individual. Inc. (www.digital persona.com) eliminates the need for passwords, says George Myers George Myers can refer to
The package protects Windows and Interact accounts through a suite of applications that includes a one-touch login, screensaver, and password capabilities. The package also features Private Space, which lets a finger scan Noun 1. finger scan - biometric identification by automatically scanning a person's fingerprints electronically finger scanning biometric authentication, biometric identification, identity verification - the automatic identification of living individuals by encrypt data the user designates as sensitive. The Deluxe version of U.are.U ($99) runs under Windows 95 and 98, while the Enterprise Suite ($149) runs under Windows NT (Windows New Technology) A 32-bit operating system from Microsoft for Intel x86 CPUs. NT is the core technology in Windows 2000 and Windows XP (see Windows). Available in separate client and server versions, it includes built-in networking and preemptive multitasking. and 2000 and offers server support at $50 per user. U.are.U Online protects Websites, using an application service provider (ASP) model. Any other Website, such as a medical practice, law firm, or business-to-business commerce site, can let users get secure access to their Websites. Currently medical facilities use it to secure patient files. The sensor costs $50, and U.are.U charges $3-$5 per month for each user. So for $36 a year, a physician can have secure access to patient records. Authentication takes between one and four seconds, says Myers. Current U.are.U customers include courts, California Commerce Bank, the medical outfit Novoste Corp. in Atlanta, and municipalities such as Glendale, California Glendale is a city in Los Angeles County, California, United States. It lies at the eastern end of the San Fernando Valley, is bisected by the Verdugo Mountains, and is an important suburb in the Greater Los Angeles Area. . Another company, Siemens PSE PSE 1. pale soft exudative pork. 2. portosystemic encephalopathy. TechLab, put finger identification in its natural place--on top of a mouse, just south of the finger-scrolling wheel. The $129 ID Mouse (www.siemensidmouse.com) doesn't call attention to the security feature the way a separate finger-sensing device might. The discriminating rodent connects to a USB port A USB socket on a computer or peripheral device into which a USB cable is plugged. See USB. on Windows 98 or NT 4 systems and sup ports both left- and right-handed users. Big Blue has also integrated the IBM (International Business Machines Corporation, Armonk, NY, www.ibm.com) The world's largest computer company. IBM's product lines include the S/390 mainframes (zSeries), AS/400 midrange business systems (iSeries), RS/6000 workstations and servers (pSeries), Intel-based servers (xSeries) Embedded Security Chip into some of its NetVista computers (priced from $699 to more than $2,000). The security subsystem lets you work with encrypted e-mail, protects data on your hard drives (with encryption), and beefs up authentication. Biometrics is one embedded Security Chip-compatible authentication tool. IBM's security offering is built around a daughter card with 128-bit encryption, and integrates with Digital Persona's authentication product. Sony has also entered the biometrics space with the FIU-700 series fingerprint ID system, priced at $299. About the size of a credit card, the device provides both security and authentication and is geared toward the electronic transaction market, as well as areas that require tight security, such as virtual private networks (VPNs), law firms This list of the world's largest law firms by revenue is taken from The Lawyer and The American Lawyer and is ordered by 2006 revenue:[1]
The stand-alone device is USB-powered, weighs just 1.3 ounces, and features 1MB of internal flash memory that stores the keys, fingerprints, and other needed data, such as passwords to Websites. "Most small businesses say if someone takes their hard drive (and gets access to the data stored on it), it would be bad," says Clain Anderson, IBM's market director and alliance manager. "A key step is making sure the right person is at the keyboard. You can't forget your fingerprint; you always have your finger." DO THEY WORK? "They'll definitely help," says CIAC's Bill Orvis. "Having to put your thumb onto the little device makes it harder for somebody to get into your system. If you carry your computer with you, someone shoulder surfing Shoulder surfing may refer to one of two things:
"It's not the James Bond stuff we're concerned with," says Myers. "It's the Post-it on the monitor with passwords." Myers adds, "We have scientists that do nothing but attempt break-ins with fake fingers and other methods. Any 2D impression won't work; we have fake finger rejection, though nothing is completely unbreakable. "On the electronic hack side, you can encrypt the image right at the sensor, capture and encrypt it locally." Another enhancement Myers suggests: employing a certificate authority in the server, using public key infrastructure (PKI (Public Key Infrastructure) A framework for creating a secure method for exchanging information based on public key cryptography. The foundation of a PKI is the certificate authority (CA), which issues digital certificates that authenticate the identity of ) between the server and all the U.are.U client machines. Smith cautions that "any device that doesn't protect the disk by some form of encryption is just acting as a lock on the front door. You can walk right around to the back door, take the hard drive out of the machine, copy it, or do whatever you want to with it, and the user would never know. You have to totally integrate the devices with protection of the disk" he adds. To improve security, companies can require authentication of up to 10 fingers plus a password. With accuracy at a reasonable setting, false rejection of a fingerprint happens less than 1.4% of the time, according to according to prep. 1. As stated or indicated by; on the authority of: according to historians. 2. In keeping with: according to instructions. 3. Myers "Nothing is foolproof," cautions Orvis. "You make it harder so what's on What's On (Traditional Chinese: 熒幕八爪娛) is a weekly half-hour TV series that airs on Fairchild Television. Format Originally started in 1996, the show is currently the longest-running program in Fairchild Television history. the system isn't worth breaking into. If you put a biometric device on the front of the computer, I probably won't try to defeat it; I'll find some other way in. If you have Windows NT with a real login, you could put this biometric on the front of it. I'd pull the hard drive out and plug it in as the second drive on another NT system--and have full access to it. You need to go beyond a big lock on a front door made of tissue paper." Orvis suggests a locking file drive, or bolting the computer to the desk and requiring a key lock so no one can take the drive out. "Biometrics alone aren't solutions for desktop computers because there are lots of other ways to get in. "You've got to combine it with some way of keeping people out of the disk, especially with Windows 95, where all you've got to do is hit "cancel," and you're in. With NT (and Linux, Solaris, Irix, etc.), you're required to log in to the operating system operating system (OS) Software that controls the operation of a computer, directs the input and output of data, keeps track of files, and controls the processing of computer programs. . If I have physical access to the machine, I can still bypass that, but [a biometric device] makes it a whole lot harder." Adds Smith, "People will lock down their computer with a cable lock, but if someone wants their data, they don't care about the cable. Remember, biometrics works for physical access. Encryption works over networks (LAN (Local Area Network) A communications network that serves users within a confined geographical area. The "clients" are the user's workstations typically running Windows, although Mac and Linux clients are also used. , WAN, or Internet), too." (For more information on biometric devices, see the feature, "Future Tech," in this issue.) |
|
||||||||||||||||||||
Printer friendly
Cite/link
Email
Feedback
Reader Opinion