Biometrics Making Mark in Mainstream Security

Learn the benefits of biometrics in certain security applications.

Biometric technologies have been around for years, primarily providing physical access control or time and attendance. With the mounting integration of biometric readers into physical security network devices, such as desktops, laptops and mobile wireless devices, the shift has started a trend toward a more all-encompassing credentialing solution that strives to unify chief security officers (CSO) and their security colleagues. Another significant trend centers on the integration of biometrics into access card readers and badges that could be replaced with biometric devices.

Biometric devices quickly and automatically confirm the identity of end users by comparing patterns of physical or behavioral characteristics in real-time against enrolled computer records of those patterns. Leading technologies accomplish this by scanning data files of an individual’s fingerprint, hand, iris, palm or voice for authentication.

Functionality Going Well Beyond Physical Access

Many security industry insiders contend that biometrics enhance privacy by erecting a barrier between personal data and unauthorized access. Technically, biometrics-based capture devices create electronic digital templates that are encrypted, stored and then compared to encrypted templates derived from “live” images to confirm identity. The templates are generated from complex and proprietary algorithms and are then encrypted using strong cryptographic algorithms to secure and protect them from disclosure.

RELATED: Why Biometrics Is Becoming More Viable

A number of post-9/11 federal government requirements are also driving biometrics into achieving dual functionality in both physical and logical security. For instance, with FIPS 201-1, CSOs are empowered with a tool to check the identity and status of individuals requiring access to enterprise or government resources. This increases capabilities beyond those of most legacy physical access credentials. It is important to understand the different authentication mechanisms and the levels of threat they mitigate. A CSO is in the best position to decide how to employ the FIPS 201-1 credential within the context of an overall security plan, bearing in mind requirements for throughput and operational and interoperability considerations for future expansions.

The high cost of data breaches and the need to meet compliance regulations are also pushing organizations to adopt heightened identity and access management (IAM) processes. Companies are looking to physical and logical identity convergence to increase security, reduce redundancies and create complete audit trails.

Converging physical and logical identity and access management enables organizations to more closely monitor which employees are requesting access to certain spaces and facilities, and not only when but also from where. In essence, identity convergence enables organizations to add a fourth factor of authentication. Traditionally, there are three possible ways in which employees can prove their identities: through (1) what they know via a password or personal identification number (PIN), (2) what they have via a proximity or smart card and (3) who they are via a biometric identifier. When physical and logical identity management processes are converged, companies can also use a fourth factor – where a person is – to verify identity.

Unified Credentialing Can Enhance Efficiencies

Without a unified policy, a person’s user accounts and credentials can become rogue identities that can be used by others to gain unauthorized access to information. With unified identity and access management processes, all of a person’s user accounts and credentials are managed centrally under a single identity. When he or she leaves, the identity and associated rights and privileges are removed, effectively disabling all of the user’s accounts and credentials assigned during the course of employment.

This integration also simplifies assigning employees new privileges when they take on new roles. Administrators can simply delete individuals from one user group and assign them to another to grant physical and logical access to everything necessary for the new role. This prevents the time lag that generally occurs in starting up a new user account – a period in which employees are unproductive or tempted to borrow each other’s account in-formation, a clear violation of many compliance regulations.

Physical and logical convergence also enables companies to use the same credentials, such as a fingerprint biometric, for physical and logical access. This can lower the cost of access control accessories as one authentication factor can be used for both, achieving a significant return on investment.

Using the same credential for both physical and logical identification requires technological interoperability. For example, the biometric reader on an employee’s laptop should use the same template to make a match at the biometric reader at the employee entrance.

Physical and logical convergence can also help organizations create more complete audit trails, enabling them to monitor not only the who, what, when and why of when confidential information is accessed, but the where and to whom as well. Security equipment manufacturers are moving rapidly to capitalize on a broad range of biometric applications, giving integrators an opportunity to help customers with much more than just security-related solutions.

If you enjoyed this article and want to receive more valuable industry content like this, click here to sign up for our FREE digital newsletters!

About the Author

Contact:

Bob Stockwell pens Security Sales & Integration’s “IT Intelligence” column, which covers network security. He is Chief Technology Officer for Stanley Security.

Security Is Our Business, Too

For professionals who recommend, buy and install all types of electronic security equipment, a free subscription to Commercial Integrator + Security Sales & Integration is like having a consultant on call. You’ll find an ideal balance of technology and business coverage, with installation tips and techniques for products and updates on how to add to your bottom line.

A FREE subscription to the top resource for security and integration industry will prove to be invaluable.

Subscribe Today!

Get Our Newsletters