| |
Biometry - Viable Solution to all Possible Authentication Flaws
• Biometric authentication relies on a unique physical or behavioral trait of an individual which cannot be simulated. Biometrics is preferred to other authentication means because of three important reasons: biometric traits cannot be forgotten or mislaid and they can generally be lost only through severe traumas
• They are extremely difficult to copy, share and distribute
• They always require the physical presence of the person being authenticated at the time and point of authentication
The most common version is the usage of fingerprints to authenticate. Used to identify individuals for over one hundred years, fingerprints are preferred for biometric usage as they are readily accessible and require little physical space both for the needed reading sensor hardware or the stored data. Backed with secondary password protection systems, fingerprint based authentication can provide you and your employees with a safe usage of portable devices.
Why Should a Company Secure UFDs?
Other than the obvious and immediate effect of using biometrics on an UFD, which is protecting the stored data, such a security policy has a subsequent objective. Using fingerprint authentication turns the respective authentication mechanism into a gateway, allowing or denying access to certain sensitive applications such as online banking services, internal databases and so on. The use of the fingerprint validation system is therefore expanded to monitor users when running any of the existing software applications.
Securing the UFDs is necessary to ensures compliance to current standards
While it can appear to be a large investment, securing the UFDs a company’s employees use is necessary to ensures compliance to current standards. Regulations currently being legislated in the US and internationally, such as Sarbanes-Oxley, HIPAA and Gramm-Leach Bliley, focus on increasing the accountability of individuals and organizations for their actions regarding access and use of sensitive information. This accountability further implies a strong binding of individuals to their digital identity.
HIPAA (US)
The Congress enacted the Health Insurance Portability and Accountability Act (HIPAA) in 1996. A key goal of HIPAA is to protect medical records by establishing transaction standards for the exchange of health information, security standards, and privacy standards for the use and disclosure of individually identifiable health information.
SOX (US)
The Sarbanes-Oxley (SOX) Act of 2002 - developed to protect investors by improving the accuracy and reliability of corporate disclosure. According to Section 404 of the Act, all public companies to assess and report on the effectiveness of internal controls and procedures for financial reporting, including access and dissemination of sensitive financial information.
|
|
