|
Biometric Security Devices.
Biometric Security Devices. Sounds intimidating and extremely complex. Like most things, it’s not necessarily all that. Basically Biometrics is the use of facial recognition, finger or whole hand scanning and eye scanning for identification. The technology is even listed in the Patriot Act recently passed by congress for US border entry.
We will set aside some of the larger implications of this technology as it is not appropriate for this article. In relation to securing access to sensitive equipment in a business environment the most cost effective, accurate and easy to use of these technologies is fingerprint scanning. Facial recognition is still expensive and requires additional equipment and support that really isn’t feasible for most business. Besides, most people consider having there picture taken intrusive. The eye scanner solution is the most intrusive. Imagine having to stick your face up to or into something and then knowing that other people are doing the same thing. Plus, and this is only this authors opinion, there are to many areas of this technology that open a company up to potential legal action. Some of these issues are sanitation of the scanner itself, long term effects of the scanner beam on the human eye. Repetitive stress etc. etc. Most of these claims will probably be bunk but best to avoid the issue all together. Remember, America has more lawyers than any other country.
A company can equip a machine with a fingerprint Biometric for less than 200.00 dollars. The advantage of the fingerprint scanner should be obvious but lets go over them. We will discuss the downside as well.
The advantages:
1.Ease of equipment and software install. You can either perform a simple local install or incorporate the entire log on procedure into your Active Directory network permissions at a later date with little or no additional hardware to purchase.
2. No more forgotten passwords. As discussed in another section of our web site many users will tape their password to the underside of their keyboard. You have a huge security issue and no one knows. If Harold has taped his hand to the underside of the keyboard that is, hopefully, very obvious.
3. No more password sharing. Many employees know each others password. Normally innocuous this can lead to huge problems. I can’t remember the number of times I have been on site for a tech call and the machine I have to work on is logged off and the user is no where around. After looking under the keyboard I usually just stand up and looking across the cube farm saying “Does anyone know Mike’s password?” I have never gotten less than three correct answers. Usually from people who have absolutely no business knowing what it is. “Sure,” you say, “you are the computer guy, people are supposed to be able to tell you.” That may be true. However, not only do I know it now so does everyone else in the office. Angry at the company? About to be downsized? Lets take a shot a the company and lets do it logged in as Mike.
4. Device durability. In general you can expect these devices to last 3 to 5 years in a regular office.
5. Compliance with Federal regulations. Because of the nature of the relationship with certain federal agencies there can be requirements placed on your company. Fingerprint biometrics are approved methods for network access and security by HIPAA, DOD and other government bodies.
6. Positive identification of user. Basically if the log file says that Mike logged in, then you can rest assured Mike logged in. In a more gruesome light you could also assume that some cut off Mike’s finger or dragged his unconscious body to the machine.
7. Reduction in IT expense. Many service calls or in house support calls are because of lost or misremembered passwords. Better to not spend that money at all or use it in a better way. This author must note that some companies which sell these products claim that up to 70 percent of support calls are forgotten passwords. I strongly disagree with these statements but it is still an issue. In our corporate experience only about 20% of our calls are forgotten passwords.
The disadvantages:
1. Increased equipment cost. Though moderately priced this is still an additional purchase. Most companies do not have inside IT staff and do not feel comfortable or have the time to do the install themselves. So have expenses in paying an outside company to do it for you.
2. Airbag syndrome. When airbags first hit the mainstream many people stopped wearing seatbelts. Time has shown that airbags were only an additional safety device. Biometric fingerprint scanning may be DSP (dead solid perfect) in it’s ability to control PC access but it is only part of the plan. If you don’t do the other things you aren’t doing much at all.
|
