Make biometrics part of your security strategy

While biometric solutions have been available for two decades, the technology has seen only a very gradual acceptance. But biometrics has had time to evolve, and Mike Mullins says it's time to integrate some applications into your organization's security architecture. Find out what he suggests.

Biometrics technology is the stuff science-fiction movies
are made of. For decades, we’ve glimpsed the future of iris scanning, voice
recognition, and fingerprint scanning—all in the name of total security.

When biometrics first emerged for computing in 1984, the
industry touted it as the cure for the common password. Through the 1990s and
early 2000s, several computer hardware vendors tried to entice security-conscious
organizations into changing their security authentication models from something
you know (such as long and complex passwords) to something you are (such as finger,
hand, or voice prints).

But let’s face it: To date, the industry has seen only a
very gradual acceptance—and often reluctance—to change the standard. New
security technology is often hard to accept, particularly in its early stages.
However, biometrics has had time to evolve, and it’s time to consider
integrating some specific biometric applications into your organization’s security
architecture.

Lock down physical access

If you work in a midsize to large company, ID cards are
acceptable as an initial entry mechanism for your exterior controlled spaces.
What about after someone has made it inside the building?

Biometrics that use hand geometry or fingerprint scans offer
an affordable and scalable solution that can help put an end to that never-ending
task of key changes, ID card programming, and door security combination
changes. Users are human, and—more often than not—they won’t hesitate to loan a
key, hand over an ID card, or give out the combination to a door to help
someone do his or her job.

It’s often difficult to detect this type of misuse, and it
can be tough to punish a person if the results of that misuse help the company.
But by deploying a biometric entry system for interior sensitive spaces, you can
greatly increase the security of those spaces. In addition, you can significantly
decrease the change time between granting access and removing access without
disturbing current operations.

How much time and money does your company spend changing
locks, key codes, and ID cards after an employee no longer requires access? Do
the math, and make a pitch based on your calculated savings—you’ll win every
time and increase your overall security posture.

Secure machines on the move

For most organizations, laptops are part of the computing
environment. Some companies assign a laptop to a specific user; others assign
laptops to departments, and a pool of users share them based on travel needs.

However, using passwords on laptops can pose problems. These
issues include:

Forgotten passwords: Whenever a
user forgets the laptop password, you must change the old password and
create a new one before anyone else can use the machine.
Shared account: Instead of
providing each user with an individual account on a laptop, some companies
create a shared account with a simple or no password—and that means little
or no protection for corporate data.
Locked accounts: Does this situation
sound familiar? A user on a business trip working in a hotel room at 2
A.M. forgets the password and therefore requires after-hours support. This
can be the most dangerous scenario because you’re more likely to give out the
admin password. That means you’ll need to change every machine that uses
that password immediately.

Using biometric technology, you can better protect your
corporate data and your users by enabling them to access the machine without
requiring them to remember a complicated password. Determine how much time you
spend on laptop access, and you’ll likely be able to justify any additional
costs associated with biometric access.

Final thoughts

Biometrics can’t cure all of your access authentication
problems. If a user loses a laptop that contains sensitive data, that data is still
in danger.

However, biometrics can simplify and increase your control
over your organization’s assets. Integrate biometrics within your organization,
and gain greater control and flexibility over your security architecture.

Miss a column?

Check out the new Security
Solutions Archive, and catch up on the most recent editions of Mike
Mullins’ column.

Worried about security issues? Who isn’t? Automatically
sign up for our free Security Solutions newsletter, delivered each Friday,
and get hands-on advice for locking down your systems.

Mike Mullins has served as an assistant
network administrator and a network security administrator for the U.S. Secret
Service and the Defense Information Systems Agency. He is currently the
director of operations for the Southern Theater Network Operations and Security
Center.

TechRepublic Premium editorial calendar: IT policies, checklists, toolkits and research for download

TechRepublic Premium content helps you solve your toughest IT issues and jump-start your career or next project.

Payroll

The Best Human Resources Payroll Software of 2023

With a lot of choices in the market, we have highlighted the top six HR and payroll software options for 2023.

A computer running Windows 11. — Image: Microsoft.

Software

Windows 11 update brings Bing Chat into the taskbar

Microsoft's latest Windows 11 allows enterprises to control some of these new features, which also include Notepad, iPhone and Android news.

A software engineer works from home. — Image: tanatat/Adobe Stock

CXO

Tech jobs: No rush back to the office for software developers as salaries reach $180,000

Salaries for remote roles in software development were higher than location-bound jobs in 2022, Hired finds.

Project management process to manage and develop with resources to deliver quality product, agile development cycle, businessman project manager balance on clock juggling project management elements. — Image: Nuthawut/Adobe Stock

Software

The 10 best agile project management software for 2023

With so many agile project management software tools available, it can be overwhelming to find the best fit for you. We've compiled a list of 10 tools you can use to take advantage of agile within your organization.

A user typing a password. — Image: Song_about_summer/Adobe Stock

Security

1Password is looking to a password-free future. Here’s why

With phishing-based credentials theft on the rise, 1Password CPO Steve Won explains why the endgame is to 'eliminate’ passwords entirely.

PURPOSE This Media disposal policy from TechRepublic Premium provides specific instructions for ensuring organization data is properly protected when disposing of old storage media. From the policy: POLICY DETAILS When disposing of damaged, unusable, obsolete, off-lease, decommissioned, old, or end-of-service-life equipment and media, the organization requires that the guidelines outlined herein be followed: Hard drives, ...

PURPOSE To take some of the effort out of writing (and rewriting) emails to share with company staff and executives, TechRepublic Premium has assembled basic templates to handle the most common types of communications. Simply copy the text into your favorite word processor and customize it to fit your needs. Then, paste it into an ...

Make biometrics part of your security strategy