Fingerprint biometricsis emerging as
the authentication method of choice for access to enterprise data,
applications and networks, writes Jim Fulton, vice-president
ofDigitalPersona
.
As companies continue to look for the best way to secure
corporate assets, they are turning to fingerprint authentication to
replace passwords, smart cards, tokens and Pins. Unlike other
authentication methods, fingerprints provide a unique identifier
for each person, that cannot be lost, stolen or shared.
What is the weakest link?
For many, password authentication is the weakest link in the
security infrastructure. Passwords only work if individuals use
them correctly, all the time. Despite guidelines, procedures and
purchased safeguards, one user can still override an IT
department's efforts by simply sharing a password. The human
element all too often results in a number of common password
problems:
- Too many passwords: Users are encouraged to use a variety of
passwords for each application. This practice inevitably leads to
individuals using common words as passwords or keeping written
records of them.
- Easy passwords: Users tend to set passwords based on words that
they can remember easily, making them simple for hackers to guess
or break using basic password cracking programs.
- Single passwords for many systems: To avoid remembering many
passwords, people will often use the same password even on insecure
sites where passwords may be sent in clear text. A single password,
once cracked, can open many doors.
Where is fingerprint authentication being
used?
Many industries are realising the importance of biometrics and
identity management as a means to eliminate the risks and costs
associated with password security and to help streamline regulatory
compliance.
- Retail Outlets: Stores are using fingerprint authentication in
the front and back-office to create a verifiable user-unique audit
trail of employees who access cash drawers in POS terminals and to
monitor time and attendance.
- Healthcare: Hospitals and doctors are relying heavily on
fingerprint authentication as a means to better secure access to
patient records, speed the time-to-application for workers that use
multiple applications, and eliminate PCs and workstations with
centralised multi-user kiosks.
- Financial Markets: Banks are using fingerprint authentication
to secure monetary transactions and customer records, improve
customer service and provide bank employees with faster and more
secure access to multiple databases.
Advantages of fingerprint authentication
Increased speed and ease of use are a plus, while the return on
investment is impressive due to increased productivity and reduced
demands for IT support. In light of increasing corporate
governance, fingerprint authentication is proving useful for
helping companies to remain compliant. By restricting access and
providing an accurate audit trail, malpractice is prevented and
data breach compliance regulations are observed. An important
reason for using this technology is the increased security it
provides. By ensuring identity based on who you are (fingerprint)
rather than what you know (password) organisations can be confident
that only authorised individuals have access to corporate and
digital assets.
>>
Computer Weekly Infosec Europe showguide and preview