Get a FREE trial
to the Total Information Service, includes Insider Weekly and iSeries 400
Experts Journal
A Publication of iSeries 400 Experts Total
Information Service
Passwords be gone: Biometric authentication
comes to iSeries
By Sarah Kimmel
Monday, October 20, 2003
Biometric security stands tall where
user names and passwords fall short — companies that use biometrics
gain strong authentication, and without multiple passwords per user,
managers lower the total cost of administration ownership.
“Technology has moved at
a fantastic pace — think of your cell phones, computers, and
PDAs just a few years ago — but one thing hasn’t changed;
we are still using pins and passwords. This is one of the weakest
links in IT security. I think people look at biometrics and think
it’s either too clunky or too expensive. That couldn’t
be farther from the truth,” says Mark Wade, vice president
of sales, North America, Daon, New York, NY.
Biometrics is a set of unique personal
identifiers, such as your fingerprints, your eye’s iris, or
your voice. Now the first biometric solution for the iSeries, Daon’s
Java-based identity management system — called the DaonEngine
— allows iSeries shops to set up and enforce policies that
use biometric devices to control access to physical assets (like
buildings) as well as logical assets (like ERP systems).
“More than 90% of those using
biometric authentication are using fingerprint scanning. Iris
scanning is primarily used in ‘clean rooms’ (where employees
must be garbed and gloved). Voice recognition hasn’t really
taken off yet. I don’t think people are ready for it and it’s
still too resource intensive,” says Wade.
The problems with passwords
Why do pins and passwords pose vulnerabilities?
While in theory they protect, the reality is that:
Employees share their passwords with others
With multiple applications and numerous passwords to remember,
employees use weak passwords — such as their birthday or
partner’s name
Employees put all of their passwords on a Post-It, in a Word
document, or in their PDA, where they are overly accessible
Employees use a single password for all of their applications
When a user logs on to his computer
with his fingerprint, the DaonEngine knows who he is before logging
him on to the network. Using random finger logic — where the
user is asked to randomly scan one of eight fingers — companies
can further ensure their buildings and their systems.
“Fingertip identification
is exceptionally reliable, and when done correctly, is very cost-effective
to deploy and can be ubiquitous — you couldn’t put an
iris scanner on every desktop. I say ‘done correctly’
because the technology is the enabler, but there also needs to be
some clever business logic behind it. Random finger logic, for example,
is a way to put up another wall between the enterprise and the outside
world,” says Wade.
In addition to being less accurate,
passwords may also be more expensive. Wade cites a recent Gartner
study that shows password management — including fixing lost
or forgotten passwords — typically costs a company $280 per
user per year. Compared with password management, companies will
achieve a return on their investment in fingerprint scanning technology
within 18 months, notwithstanding the significant security benefits.
Right now, biometric authentication
is becoming more prevalent in government and in the transportation
industry, as well as in the financial, gaming, and life sciences
industries. London City Airport, the third largest airport in Britain,
has biometric security implemented for all employees, from the air
traffic controllers to the ticket clerks.
“Even in areas like manufacturing,
biometric authentication tightens up security, as well punctuality
and attendance. Our system does away with ‘buddy-punching’
(when an employees clocks out for a co-worker) because no one can
authenticate without their own finger,” says Wade.
The DaonEngine for iSeries is now
generally available. Daon will not publicly reveal pricing for the
DaonEngine. For more information on Daon, see www.daon.com.
Daon and its partner Key Information
Systems held a Biometrics webinar on September 16. To view the recording,
see www.keyisit.com/websched/.
4 issues of Insider Weekly – Award winning research of
what’s new, what’s working, what’s not –
You’ll stay on top of market conditions and IBM’s ever-shifting
strategies and make the best moves for your shop.
iSeries 400 Experts Journal – Enhance your technical
skills right away with guidance from the industry’s best
on OS/400, DB2, RPG, security, networking, Java, WebSphere and
more!
BONUS! 2003 Complete Archive CD (a $295 value) If you decide to become a subscriber, you get the most comprehensive
knowledgebase of iSeries 400 expert how-to advice and management
insight covering V4R3 to V5R2 from Insider Weekly, iSeries 400 Experts
Journal, and Inside Version5. It’s all on one easy-to-use
CD so you can find what you need fast.
Yes. Please send me one month of the new iSeries 400 Experts Total
Information Service (TIS) with no obligation. If, after reading
it, I decide iSeries 400 Experts TIS isn’t for me, I can simply
write cancel on the bill — and I owe nothing. The first month’s
issues are mine to keep, free.
Otherwise, I’ll send $595 for a full year of
expert advice for iSeries 400 Experts Journal, Insider
Weekly, and Complete Archive CD-ROM. (a $959 value)
100% No-Risk Guarantee: If I’m ever
unhappy with my subscription to iSeries 400 Experts, I can receive
a full refund.
