printer friendly version

Biometrics - the logical route to securing your data

The convergence of different IT systems and the integration of different solutions such as HR, CRM and supply chain management into one centralised system has resulted in increased data-sharing, and with that, increased security risks.

Shared data increases security risks associated with integration, which has given rise to a need for secure logical access control. A significant concern is rising from ensuring that users have access to information that they need, but do not have inappropriate access to sensitive information.

The solution for secure-data sharing and access to individual PCs and networks is that of logical access control that provides authorised persons access and denies unauthorised persons to secure accounts and data. For years, logical access control in the form of passwords has been used in an attempt to secure access to sensitive data and systems. Far from the most cost-effective means of securing systems, a 2003 Gartner Report confirmed that password administration and maintenance costs large organisations in the region of 137 to 220 Euros per person per year.

The foundation on which secure logical access control is built is that of accurate identification and authentication. Traditional authentication systems are based on verifying something the user knows - such as a password - and/or possesses, such as a card or token. The problem with these elements is that there is no way to uniquely link them to the actual user.

A key benefit of biometrics is that it cannot be lost, stolen or forgotten. The most reliable and widely accepted form of biometric security is that of fingerprint identification.

The concept of securing vital information through secure fingerprint-based biometric devices has caught on strongly in South Africa in both the government and private sectors. In government systems, fingerprint technology has been deployed to secure vital national identification data. One of the most significant security advances in South Africa's criminal justice system has been the application of fingerprint technology to secure the national integrated justice system (IJS). Fingerprint readers are used specifically in forensic laboratories, the logistics departments, the firearm licensing department and the stolen vehicle department to secure sensitive information and systems. With the fingerprint-based logical access control, the crucial requirement of preserving the integrity of the information and protecting it against improper modification are achieved through detailed audit trails of access to the databases.

There is a growing interest in the convergence of physical and logical access control as more companies and organisations realise the importance of securing not only physical access onto company premises, but also the sensitive data and systems contained within.

According to Gary Jones, managing director of Ideco Biometric Security Solutions, "The importance of integrating physical and logical access control cannot be understated. Before biometric-based logical access controls were widely available, physical access control was the primary method of protecting both the physical facility as well as the information on an IT system. However, little was done in the past to truly secure the actual data.

Logical access control can enhance overall security by acting as an additional guard against unauthorised access to, or use of the system's resources. The most secure means of ensuring successful convergence of physical and logical access control is through that of integrated biometric applications. Through biometric technology, the problems of both unauthorised physical and logical access can be negated through a single technology.

Share this article:

Further reading: