Computerworld
Quick Menu
Search



Ads by TechWords

See your link here


Subscribe to our e-mail newsletters
For more info on a specific newsletter, click the title. Details will be displayed in a new window.
Finance
Security
Computerworld Daily News (First Look and Wrap-Up)
Computerworld Blogs Newsletter
The Weekly Top 10
More E-Mail Newsletters 
Computerworld 2007Subscribe to Computerworld
40 years of the most authoritative source of news and information for IT leaders.
Laptops
Toshiba Laptops with Intel® Centrino® Duo. Free Shipping

Biometrics: Getting Back to Business

After 9/11, public-sector interest in biometrics spiked, but standards and stringent scalability testing are still needed to trigger widespread corporate adoption.
 

Sign up to receive Security Resource Alerts

May 9, 2005 (Computerworld) -- People and passwords—in the long run, they just don't work very effectively together. At least that's what Phil Fowler, vice president of IT at Telesis Community Credit Union, a Chatsworth, Calif.-based financial services provider that manages $1.2 billion in assets, found out. His team ran a network password cracker as part of an enterprise security audit last year to see if employees were adhering to Telesis' password policies. They weren't.


"Within 30 seconds, we had identified probably 80% of people's passwords," says Fowler, whose group immediately asked employees to create strong passwords that adhered to the security requirements. A few days later, the team ran the password cracker again: This time, they cracked 70%.


"We couldn't get [employees] to maintain strong passwords, and those that did forgot them, so the help desk would have to reset them," says Fowler. Telesis decided to secure network and application access with a biometric system that eliminated the need for user IDs and passwords, opting for the DigitalPersona fingerprint system from DigitalPersona Inc. in Redwood City, Calif.


The use of biometrics—the mathematical analysis of characteristics such as fingerprints, veins in irises and retinas, and voice patterns—as a way to authenticate users' identities has been a topic of discussion for years. Early commercial success stories have largely come from applying biometrics to projects with provable returns on investment: time and attendance, password reduction and reset, and physical access control. Though biometric work remains primarily in the pilot stages, the events of 9/11 pushed emerging commercial products to center stage—a spot some say they weren't ready to claim. Vendor focus shifted from the private sector toward the huge contracts many expected would be awarded in the public sector, say observers.


The attacks on 9/11 "brought focus to what was going on in biometrics, and [vendors] switched gears. Where previously they were thinking about [biometrics] for enterprise access, they decided government contracts were the next gold mine and jumped on that," says C. Maxine Most, president of Acuity Market Intelligence in Boulder, Colo.












Phil Fowler, vice president of IT at Telesis Community Credit Union
Phil Fowler, vice president of IT at Telesis Community Credit Union
Image Credit: Manuello Paganelli

The problem with this strategy, she says, is that commercial biometric systems aren't standardized and haven't been tested in large-scale implementations of the type federal agencies are undertaking, such as the US-VISIT and Transportation Worker Identification Credential projects.


Samir Nanavati, a partner at International Biometric Group LLC, a consultancy in New York, says the problem was more a lack of public-sector readiness than technology shortfalls.


"In 2001, the private sector was aggressively researching and testing biometrics, and the public sector had a couple of projects," Nanavati says. "After September, the biometrics industry reread the whole landscape and decided to gravitate toward the public sector, going after a market that wasn't ready for them." But, he adds, there are plenty of smaller stories of "biometrics hitting the bottom line" in the private sector.

Finger on Access

Continued...
1 | 2 | 3 | 4 | NEXT  



Print this Story Send Us Feedback E-mail this Story Digg! Digg this Story Slashdot this Story
Biometrics: Getting Back to Business
Sidebar: Online Resources on Biometrics
Sidebar: I Want To Read Your Hand
"Yes, NASA has confirmed that some laptops taken to the International Space Station were infected with an online-gaming password stealing..." Read more...
"Linux is more secure than most operating systems, but Not if you don't practice basic security measures..." Read more...
Read more Security posts or See all Blogs
Cellular operators say they're ready for Gustav
Psystar calls Apple a 'monopoly' in antitrust charges
Doubt cast on Seinfeld as Windows TV ads near
More top stories...
IT workers hit hardest by offshore outsourcing, survey finds
Microsoft: No more Windows Live Mail crashes with IE8 Beta 2
Microsoft warns of IE8 lock-in with XP SP3
Telework can change office dynamics in ways you hadn't anticipated. Proceed cautiously.
Got a painfully slow connection or random dead spots? Our tips will help you get the most out of your wireless network.
Listen up, managers: Employees don't quit the job; they quit you.
Netbooks, ultraportables, mini-notebooks — whatever you call them, they've been grabbing headlines. Are they here for the long term or just a flash in the pan?
Reviews, analyses, how-tos, visual tours, hot issues and predictions about Microsoft's new OS.
Four years from now, the IT field will be a vastly different place. Will you be ready?
All Zones
Application Performance Zone
Business Continuity Zone
The File Data Management Zone
Security Management Zone
ITIL Best Practices Zone
The SAS Zone
Business Intelligence and Analytics Zone
Windows Protection Zone
Identity & Security Management Zone

Ads by TechWords

See your link here
From Laggard to Leader: Transforming the Data Center
From Laggard to Leader: Transforming the Data Center
Register for this complimentary live webcast today!
Go to the webcast 
Computerworld Executive Bulletin: Building a Robust Antivirus Defense
Download this Executive Bulletin (a $49.95 value) for free, compliments of MessageLabs.
(Source: MessageLabs) Antivirus software alone isn't enough to prevent today's speedy, sophisticated virus attacks. Security managers should consider multitiered approaches that include behavior scanning, appliances that check e-mail for worms, and restricting user access to dangerous Web sites. Download this Executive Bulletin (a $49.95 value) for free, compliments of MessageLabs, to learn more.
Download this executive briefing download
Online Security Issues in Regulated Industries
Download this research paper, free for a limited time, compliments of Webroot!
(Source: Webroot Software) In June 2008, Computerworld invited IT and business leaders to participate in a survey on online security initiatives at their organizations. The goal of the survey was to better understand Web and e-mail security issues faced today within the regulated education, financial services, government and health care industries. The following report represents top-line results of that survey.
Download this white paper go
White Papers
Read up on the latest ideas and technologies from companies that sell hardware, software and services.
Archiving Compliance with Sunbelt Exchange Archiver
The Impact of Messaging and Web Threats
Advanced Load Balancing: 8 Things You Need to Handle Today's Network Traffic
View more whitepapers