Opinion

Infosecurity 2008 - Taking security into your own hands

Fingerprint biometrics is emerging as the authentication method of choice for access to enterprise data, applications and networks, writes Jim Fulton, vice-president of DigitalPersona.

As companies continue to look for the best way to secure corporate assets, they are turning to fingerprint authentication to replace passwords, smart cards, tokens and Pins. Unlike other authentication methods, fingerprints provide a unique identifier for each person, that cannot be lost, stolen or shared.

What is the weakest link?

For many, password authentication is the weakest link in the security infrastructure. Passwords only work if individuals use them correctly, all the time. Despite guidelines, procedures and purchased safeguards, one user can still override an IT department's efforts by simply sharing a password. The human element all too often results in a number of common password problems:

  • Too many passwords: Users are encouraged to use a variety of passwords for each application. This practice inevitably leads to individuals using common words as passwords or keeping written records of them.
  • Easy passwords: Users tend to set passwords based on words that they can remember easily, making them simple for hackers to guess or break using basic password cracking programs.
  • Single passwords for many systems: To avoid remembering many passwords, people will often use the same password even on insecure sites where passwords may be sent in clear text. A single password, once cracked, can open many doors.

Where is fingerprint authentication being used?

Many industries are realising the importance of biometrics and identity management as a means to eliminate the risks and costs associated with password security and to help streamline regulatory compliance.

  • Retail Outlets: Stores are using fingerprint authentication in the front and back-office to create a verifiable user-unique audit trail of employees who access cash drawers in POS terminals and to monitor time and attendance.
  • Healthcare: Hospitals and doctors are relying heavily on fingerprint authentication as a means to better secure access to patient records, speed the time-to-application for workers that use multiple applications, and eliminate PCs and workstations with centralised multi-user kiosks.
  • Financial Markets: Banks are using fingerprint authentication to secure monetary transactions and customer records, improve customer service and provide bank employees with faster and more secure access to multiple databases.

Advantages of fingerprint authentication

Increased speed and ease of use are a plus, while the return on investment is impressive due to increased productivity and reduced demands for IT support. In light of increasing corporate governance, fingerprint authentication is proving useful for helping companies to remain compliant. By restricting access and providing an accurate audit trail, malpractice is prevented and data breach compliance regulations are observed. An important reason for using this technology is the increased security it provides. By ensuring identity based on who you are (fingerprint) rather than what you know (password) organisations can be confident that only authorised individuals have access to corporate and digital assets.

>> Computer Weekly Infosec Europe showguide and preview




Email Alerts

Register now to receive ComputerWeekly.com IT-related news, guides and more, delivered to your inbox.
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy

This was first published in April 2008

 

COMMENTS powered by Disqus  //  Commenting policy