Posts Tagged ‘Security’

10 ways to protect your company from employee transition risks

Tuesday, March 3rd, 2009

SAN FRANCISCO - FEBRUARY 6: Art Coviello, Exe...

Image by Getty Images via Daylife

 

Editors Note:  This was orginally published by Chad Perrin on blogs.techrepublic.com.

Employment transition is an often overlooked danger to company security. Make sure you have policies and procedures in place that will protect your business from security compromises when someone leaves your company.

The day a decision is made to transition an employee out of a company — whether it is the employee or the employer who makes that decision — is the wrong time to develop and apply security policy related to employment transition. Such policies should be planned and implemented long before that day comes. Being unprepared could result in security breaches, as well as resentment on the part of both former and current employees. Disgruntled employees create the very internal security problems against which you should protect your organization.

The following is a list of categories of security policy related to employment transitions. Some categories may overlap in certain areas, but each has its own, irreplaceable importance to overall policy effectiveness.

1: Access controls

Biometric data, keycards, keys, parking or gate passes, and other physical access controls should be tracked and managed carefully. Many security precautions such as firewalls, deactivated remote access accounts, and strong password policy can be circumvented at times simply by walking up to a physical computer and doing things the “hard” way. Such items should be managed as carefully as possible without disrupting the work of employees, so that the items are more easily recovered, deactivated, and/or replaced if and when the time comes. In extreme cases, locks may need to be changed and new keys reissued, but in many cases a well-managed system should allow most access control measures for a given employee to be simply deactivated with a few keypresses or mouse clicks.

(more…)

Tags: , , , ,
Posted in Interesting News | No Comments »

Going beyond Hand Scanning - Vein Recognition

Tuesday, February 3rd, 2009
City of Las Vegas
Image via Wikipedia

At the Consumer Electronics Show in Las Vegas earlier this month, Fujitsu showed off a new idea in security-minded technology that the Japanese company argues could make the fingerprint an obsolete symbol of personal data: vein-pattern recognition.

Put your hand over a computer’s mouse and an infrared camera shines an invisible light onto — and through — your palm.

By measuring where that light is absorbed and reflected, the system maps the veins in your hand, a collection of crisscrossing lines that Fujitsu claims can reliably identify a user far more accurately than scanning the whorls or loops on his or her fingertip.

That innovative system, which Fujitsu calls Palmsecure, has been sold in its mouse-embedded form in the U.S. since August of last year.

It’s not cheap: A single mouse and software setup costs around $430 US.

But according to Fujitsu’s tests, vein pattern recognition can identify a user on the first try 99.99 per cent of the time and mistakenly approves the wrong user in only .00008 per cent of cases, far less often than fingerprint scanners.

“To get beyond this in terms of accuracy, you’d have to look to DNA,” says Joel Hagberg, Fujitsu’ vice president of marketing and business development.  Vein pattern recognition is the latest — and in some respects, most promising — attempt to reach the holy grail of cybersecurity, what professional digital paranoiacs call “three-factor” authentication.

To prove users’ identity and keep out intruding data thieves, a system would test them based on something they know (say, a password), something they have (such as the RSA tokens that show an encrypted, changing series of numbers) and, perhaps trickiest of all, something they are — a “biometric” test of their physical characteristics.

That last factor has traditionally meant verifying a fingerprint, or in some high-security government settings, a high-resolution photograph of an iris.  As cumbersome as that three-step process sounds, it may be increasingly important in keeping data secure, particularly in the business world. (more…)

Tags: , , ,
Posted in Datacenter, Future of Technology | No Comments »