Hosted by: June 23-26, 2003 New York City www.biometritechexpo.com The Cost Justification for Choosing Biometrics Roy Lopez System Engineering Director.

Presentation transcript:

Hosted by: June 23-26, 2003 New York City The Cost Justification for Choosing Biometrics Roy Lopez, System Engineering Director, Novell Inc.

Agenda
How real is the threat?
Will the technology facilitate your business objective?
Understanding the issues
Building a business case
Additional considerations and futures
Q&A

How real is the threat?

How real is the threat?
“It’s not hacking that results in the most damaging penetrations to an enterprise’s security system. It is often the work of an employee within the enterprise that causes the most damage. And while many of those incidents are due to employee malice, a great number stem from the manipulation of employees - often without their knowledge - that results in the theft of crucial data.”
Rich Mogull, Senior Analyst, GartnerGroup
Gartner estimates that more than 70% of unauthorized access to information systems is committed by employees, as are more than 95% of intrusions that result in significant financial losses.
Kristen Noakes-Fry, Research Director, Gartner

How REAL is the threat?

Traditional, Best of Breed Security Architecture
[Diagram. Labels: Web server; Apps; AIX, Solaris, HP-UX, Linux, etc; DMZ; NT/2000; OS/390; NetWare; NetWare/NT admin; Users; Web users; VPN, Dial-up, Wireless users; Access Control server; OS/390 admin; Unix admin; Apps admin; Web admin]

Leveraging technology to achieve business objectives

What is your objective?
What benefits do you hope to gain and which pain points do you hope to address with the deployment of this technology?
– A stronger form of authentication/better security?
– An improved end user experience?
– Are you hoping to reduce password related help desk and administration costs?
Will you be requiring your mobile workforce to biometrically authenticate?

Biometrics for security
Is your main objective to be secure?
– Tsutomu Matsumoto and the gelatin finger
Two factors are better than one
– How secure is the entire software architecture?
Is the client and server software digitally signed?
– Tamper resistant
Are the client and server software mutually authenticating?
– What is the authentication protocol?
Is the communication between the biometric device and the back end system encrypted?
– Integrated, circuit-based readers are probably more appropriate than optical-based readers

Biometrics for convenience
Is your main objective to improve the end user experience?
– Can be very successful as a password replacement
– Initially, saw more convenience than security-oriented engagements, but this is changing
Which form factor is right?
– While this model often provides the greatest ROI, there’s still the cost of managing the solution

Understanding the issues

Lessons learned from other Big Ideas
What lessons can we learn from PKI?
– 1999 Headlines: “This is the year for PKI”
– 2000 Headlines: “PKI, Nothing but Pilots”
– 2001 Headlines: “This is the year for PKI”
– 2002 Headlines: “What’s PKI?”
Why have PKI deployments failed to take off as hoped?
What percentage of your applications recognize a digital certificate?
It’s probably higher than the percentage of your applications that recognize a biometric device, let alone the one your organization is considering

Enabling applications
In order for the project to be successful, it must be focused
– Focus on enabling a specific area for biometric authentication with clear milestones
What needs the higher level of authentication
– A certain application
– A group of users
– All network access
Which of those applications recognize or respect the biometric authentication?
– The easiest way to restrict access to network resources is via single sign-on products

Building a business case

Building a Business Case
Some aspects of advanced authentication can be quantified, but most value is very difficult to quantify and in some cases more qualitative.
– Quantifiable benefits
Password management
Advanced authentication by itself does not provide an easily quantifiable ROI
Advanced authentication coupled with other access management components provides compelling ROI
Fraud protection
– How much is your company’s reputation worth?
Value of data
Value of transaction
Audit and Compliance
– Not easily quantified
Improved security/reduced risk
Compliance to regulations

What are you spending today? Calculating the cost of passwords

Calculating Password Costs with IDC Data
Number of employees | IDC’s estimate of password management costs per year per user | Annual Password Management Cost
1000 | $ | $200,

Calculating Password Costs with Gartner Data
Number of employees | Gartner’s estimate of password calls per user per year | Your estimate of cost per call | Annual Password Management Cost
Values surviving on the slide: $30.00, $144,000

What costs should I consider?
Hard costs
– Hardware
Can range from $50 per device on up
An average fingerprint reader will cost $125 per device
– Software
Some vendors try to charge you extra for the software to make their hardware products work
Soft costs
– Implementing, managing, and supporting a biometric based solution
– Enabling applications to leverage the biometric
– These costs can vary significantly by vendor and can easily make up the majority of costs

Calculating the cost of biometric solution

Calculating Biometric Solution Costs
Biometric device cost X # of users per device) | $125,
Software | Varies by vendor
Administration Costs (first year) | Varies by vendor
Plant and Facilities (Hardware/Servers) | Varies by vendor
Total Cost of Deployment | $???,???.00

Note: Does it require a separate user repository, a separate security policy, etc.? The less it integrates with reusable infrastructure, the higher the cost of deployment and ownership will be.

Annual password management costs - total cost of biometric deployment = first year return

Administration Costs
Things to consider that will affect administrative costs:
– What will it take to biometrically register each user?
– What if later on you choose a different biometric vendor?
– Is the access policy for biometric users separate from your application and operating system policy?
What will it take to make these consistent?
How will you enforce policy change across these systems?
– Does the solution require a separate user repository?
How will you manage the life cycle of users in multiple repositories?
– Does the solution provide standards-based or open interfaces or will custom and proprietary work be required to integrate the authentication with the applications?

Additional considerations and the future

My opinion
A couple key things have happened in the industry that enable biometric deployments to show a positive ROI.
– Vendors have begun to consider the life cycle management and deployment issues and have begun implementing this into their products.
– Single sign-on technologies are finally coming of age and can greatly reduce integration costs and enable application integration

My advice
Additional considerations:
– There are over 450 biometric vendors in the market today
The market is nowhere near being large enough to support this many vendors
Plan on continued consolidation and attrition
– Either deploy biometrics for a single application or deploy as part of a holistic access management strategy that considers:
Identity management
Policy management
Access control
– Require your biometric vendor to integrate with your standards-based user repositories, and support Multi-Factor Authentication
– Understand the role of new standards such as SAML, SOAP, XACML and how this will not only relate to your biometric strategy, but affect the overall security of your organization

Questions?
