Passwords And Even More Passwords
Well, how was everybody’s weekend out there??? Ours (mine and Anita’s) were actually quite busy. Our spectrum of activities ranged from meeting her friends for a wonderful Greek dinner, to bidding on a new condo, to planning our financial future. You see, we plan to be married next July of 2012, so it is very important to me to start planning financially so I can take care of and support Anita. My thinking is why wait for three years to start saving, when we can start saving now??? I have saved a good chunk of change in the last few months, so over the weekend, we met with a financial advisor to start planning, and investing.
It was a smooth meeting, and we went over the exact investments where the money will be at. Being the former IT guy that I am, probably one of the first questions I asked was when I can access our portfolio (in the financial world, this is known officially as “asset allocation”) online. Our financial advisor told us the steps in how to do it, but when he said setting up the username and password, I cringed. I thought: “What, another UN and PW to remember? How many more do I have to remember?” So with this in mind, I came across a Press Release which discusses using Biometrics as a means of alleviating the password dilemma. The Biometrics Vendor is known as “Digital Persona”, their solution is known as the “DigitalPersona Pro”.
Here is the inside goop: “DigitalPersona Pro now helps IT departments reduce the cost of handling password resets through new user self-service and IT-assisted system access recovery features. DigitalPersona Pro also helps streamline auditing and reduces regulatory compliance risk through new reporting capabilities. The suite offers centrally-managed full disk encryption, multi-credential authentication for Windows and applications, two-factor VPN authentication and single sign-on (SSO), and may deliver savings of as much as half the cost of deploying point products or competitive security suites . . . DigitalPersona Pro not only helps users recover from lost passwords, it makes advanced authentication simple to deploy, use and manage. With DigitalPersona Pro, businesses can use fingerprint biometrics, smart cards and other forms of credentials to log into Windows, applications and networks. Businesses can even combine the security of one-time passwords for remote access with the ease-of-use of these other forms of strong authentication. With DigitalPersona Pro, mobile notebook users can safely log into VPNs, Webmail and other RADIUS-compatible applications without having to carry hardware-based tokens or launch separate software token applications. DigitalPersona Pro’s management software offers a choice of deployment options, from a browser-based service to fully-integrated Active Directory snap-ins, giving IT administrators a familiar and efficient way to manage security policies. Businesses can deploy whichever security applications from the suite they need and then add others later as their needs grow – without the risk of incompatibility or cost and pain of adding a whole new management system.” (SOURCE: http://www.findbiometrics.com/industry-news/i/8944/).
Final Thoughts On Today’s Posting
As you can see, this Biometrics solution does provide a number of distinct advantages, which include:
*It is a centrally managed system, in which the end user has primary authority and control over their own passwords and related administration (and also offers easy to use and understand audit trails);
*It hosts and supports a whole array of other types and kinds of Security options, such as Smart Cards, Cryptography, one time Passwords;
*It also supports the use of a wide array of networking protocols, such as VPN, RADIUS, etc. (this makes it ideal for the mobile employee, or the road warrior);
*This Biometrics solution also provides for an ease of deployment. For example, it can be accessed via a standard web browser, or be implemented as an add on to Active Directory, this offering the scalability over time advantage;
*A specific set of challenge response questions can be created, rather than using just a general list. For example, SME’s can now ask questions which are related to the work environment, thus making it easier for the employee to remember the appropriate answer.
OK, you may be wondering at this point what is so special about this Biometrics solution versus the other Single Sign Solutions (SSO’s) I have written about??? Well, take another look at the first bullet above. In the past, all of the SSO’s I have discussed about have involved as to how Biometrics can help the IT department reduce the costs and workload of password administration. But, the ultimate responsibility rested with the IT department.
But now, through this Biometrics solution, this administrative burden is now virtually passed onto the end user. Meaning if an employee forgets their own password, they can establish a new one by themselves rather than having to bug their poor network administrator. Another thing to remember is that despite the advancements in other Security Technologies, the password is here to stay, and probably for the longest time, and will continue to be a burden. According to a survey mentioned in the Press Release, some 80% plus businesses will require their employees to change their passwords at least once in a quarter, causing this to be a nightmare for some 90% of these businesses.
So why not create something simple enough so the end user can do all of this themselves? When I checked the statistics last, it costs something like $250/employee to do a password reset. Why not trim these costs by empowering the employee to do all of this by themselves? It only makes sense to me. After all, in tight economic times, IT budgets are the first to get slashed, so why not be proactive and save some costs for future spends??? Just think, $250 may seem like a small amount, but magnify that over a huge staff of employees, the costs explode, into the hundreds of thousands, and even millions. Something for the CEO and CIO to think about . . . Biometrics can help save costs, and empower your employees!!!
It's very good that it could be applied to different networking protocols types.
Posted by: US vpn | September 27, 2011 at 12:39 AM
Very, very nicely done!
Posted by: sale purse outlet | December 08, 2011 at 03:22 PM
The cost of handling password resets through new user self-service and IT-assisted system access recovery features. Thanks for sharing this content to us.
Posted by: chicago collocation | January 12, 2012 at 12:23 AM