A creative combination of technologies enhances security while lowering IT costs.
Traveling through airports during the holidays always makes me nervous, particularly at the point when I put my laptop in the bin and send it through the X-ray machine. I am equally nervous about putting my wallet and keys in the little plastic dish and sending them on a joy ride past the curtain of rubber strips.
There are so many TSA security people floating around the checkpoints these days that it's almost unthinkable to imagine someone creating a distraction in order to swipe your laptop, but that was a common ruse for quite some time. It's not that I have a lot of sensitive data to protect like some; it's more a fear that the new user could be so frustrated with my laptop operation that he decides to smash it to smithereens after the first boot up. This little baby needs TLC.
Laptop security, however, is a big concern to the industry, and I've noticed that some of my friends are choosing to include a fingerprint biometrics scanner in their new machines where it is offered as an option, and a few manufacturers are now routinely including fingerprint readers in their mid-priced models. The scanners are inexpensive to manufacture and make a nice add-on to enhance the value of the product.
The introduction of biometrics into the consumer market raises the question of what's next when it comes to the use of biometrics for securing data. Biometrics has been around for some time; one of the first automated biometric systems was installed in the late 1960s and used hand geometry to verify the user's identity. More sophisticated systems can actually identify someone from a large pool of people. Many different biometric systems are being produced, and others are being researched, all with various strengths and weaknesses. These range from facial thermograms, to a person's walking gait, to ear-shape recognition, and even to personal odor. With so many IT solutions, choosing one often is a question of cost versus benefit with an underlying interest in whether or not this thing is actually going to work. Most can be dialed up or down to increase the security level, with corresponding changes in the number of false readings. The future may belong to multimodal biometric systems that combine two or more techniques to improve performance.
IBM and Fujitsu recently announced a solution that combines biometrics with single sign-on, which stuns the proverbial two birds with one stone. Using the veins in one's hand—the pattern of which apparently is unique to the individual—Fujitsu Frontech North America is marketing a solution that scans a person's palm with near-infrared light and verifies the person's identity, eliminating the necessity to type in a password. Combining this with IBM's leading enterprise single sign-on solution means that users can simply wave a hand over a mouse-sized scanning device to gain access to multiple systems and applications, whatever they are authorized to use. At first glance, it would appear that the solution is devised to make life easier for users, but there is a solid business rationale behind it.
Help desk personnel rack up significant costs just dealing with lost and forgotten passwords. Even reducing the number of passwords a user must handle can lower a company's IT costs. This is a basic argument for moving to a single-sign-on solution, with or without biometrics. By adding Fujitsu's vein recognition component, companies can decrease their exposure to a system breach by either an employee or an outside intruder. The nice thing about biometrics is that the technology is very difficult to spoof.
"A typical organization spends hundreds of dollars per employee per year on lost passwords through help-desk support," says E. K. Koh, program director for single sign-on, IBM Tivoli software. "IBM's work with Fujitsu replaces archaic password structures with a single path of access that resides in the palms of the employees' hands and can be managed more efficiently, saving companies thousands of dollars in IT support while protecting critical organizational data and information."
The combination of Fujitsu PalmSecure LOGONDIRECTOR and IBM Tivoli Access Manager for Enterprise Single Sign-On can provide an organization with a comprehensive authentication solution for protecting data, according to IBM. The solution is further supported by today's need for healthcare and financial institutions to adhere to compliance requirements now in place, including HIPAA, Sarbanes-Oxley, PCI DSS, and other regulations.
While some biometrics solutions raise privacy issues, such as those designed to scan a person's retina, a process that can also indicate various disease states, palm vein biometric technology is fairly unobtrusive and should be acceptable to most employees and rights organizations. Business Partners that specialize in security solutions will want to give this solution a second look. Jerry Sforza, president of Encode, Inc., an IBM Premier Business Partner, described the new Fujitsu-IBM offering as a "smart security solution" that ensures the right people have the right access to critical organizational data.
Look for biometric solutions to become an increasingly important feature on the security landscape of the future and to present revenue opportunities for Business Partners looking to support their clients with state-of-the-art security.