Presentation is loading. Please wait.

Presentation is loading. Please wait.

Keogh and Associates Copyright 2003 A LOOK AT LARGE SCALE DEPLOYMENTS Presenter Colin Keogh Keogh and Associates.

Published byMiranda Robertson Modified over 9 years ago

Similar presentations

Presentation on theme: "Keogh and Associates Copyright 2003 A LOOK AT LARGE SCALE DEPLOYMENTS Presenter Colin Keogh Keogh and Associates."— Presentation transcript:

1 Keogh and Associates Copyright 2003 A LOOK AT LARGE SCALE DEPLOYMENTS Presenter Colin Keogh Keogh and Associates

2 Keogh and Associates Copyright 2003 Are large enterprises ready for biometrics? At first glance it would seem so… It’s affordable - costs have fallen dramatically There are many choices of proven technologies It works well for the vast majority of users There is a good value proposition for biometric authentication (Physical Security, Time and Attendance, …) There is a heightened sense of urgency to strengthen security

3 Keogh and Associates Copyright 2003 Large Scale Deployment Security assessment Choice of biometric technology Choice of software and middleware Installation Implementation Training Analyze and update

4 Keogh and Associates Copyright 2003 Physical Security Physical security is about protecting tangible assets from harm. These assets can include (but are not limited to) people, buildings, vehicles, documents, food and drink, pharmaceuticals, consumer or industrial products, art, museum artifacts, and money. The harm to be avoided can include theft, destruction, vandalism, sabotage, espionage, or tampering.

5 Keogh and Associates Copyright 2003 Security Assessment “A process whereby security concerns are identified and their impact upon the organization are analyzed”

6 Keogh and Associates Copyright 2003 Security Components Security Policy Security Awareness Security Organization Physical Security Personnel Security Threat Assessment IT SecurityIncident Analysis Security Training

7 Keogh and Associates Copyright 2003 A biometric solution for all your security needs is not always the best approach!!!!!

8 Keogh and Associates Copyright 2003 ISO 17799 and Biometrics Security policy Organizational security Asset classification and control Personnel security Physical and environmental security Access control

9 Keogh and Associates Copyright 2003 Magnetic Stripe Card PIN/Password Magstripe Card and Password Secure ID and PIN Smart Card and PIN Biometric Multi- Modal Biometrics INCREASED SECURITY LOW MEDIUM HIGHLY SECURE

10 Keogh and Associates Copyright 2003 Expenditure Areas Increased Stayed the Same Decreased %& Internal security personnel expenditures 32 52 11 Internal security operations expenditures 40 50 7 Security consulting expenditures 23 43 27 Contract guard expenditures 32 37 22 General personnel screening expenditures 34 49 12 Access control expenditures 55 31 8 Anticipated Security Expenditures for 2003-2004

11 Keogh and Associates Copyright 2003 The RFP Describe what is needed not how to achieve it Allow vendors to tender solutions Make the vendor prove that their integrated product meets your requirements Develop an evaluation model to compare the different solutions

12 Keogh and Associates Copyright 2003 RESELLER INTEGRATOR CONSULTANT SECURITY SYSTEM MANUFACTURER

13 Keogh and Associates Copyright 2003 Consultants Consultants can help with your complete security plan and implementaion. They can also recommend integrators and resellers that they have worked with in the past. Their knowledge of the industry will save you thousands of dollars and hundreds of hours.

14 Keogh and Associates Copyright 2003 Integrators Integrators work closely with leading biometric technology vendors and independently keep abreast of the latest developments in the biometrics sector, they can provide solutions specific to each customer's security requirements. They are independent of the manufacturer so they can let the need drive the solution.

15 Keogh and Associates Copyright 2003 Resellers Resellers are retail partners for a manufacturer. They specialize in that manufacturer’s products and usually carry solution based software for the manufacturer’s hardware. Resellers let the hardware drive the solution. Give them your specifications and let them respond with their solution.

16 Keogh and Associates Copyright 2003 Vendors The biometric vendors manufacture the hardware or write the software. They do not supply complete integrated solutions. They work with resellers and integrators as their interface to the end user.

17 Keogh and Associates Copyright 2003 Selection Criteria Cost Long term compatibility Public acceptability Attack resistance Ease of use and deployment Level of accuracy Size

18 Keogh and Associates Copyright 2003 There is no single biometric that fits all and each deployment situation must be viewed on its own merits; this way, the requirements shape the biometric solution, the biometric solution does not shape the requirements.

19 Keogh and Associates Copyright 2003 Types Of Biometrics Fingerprint/finger geometry Hand geometry Iris/retina Facial image/facial thermograms Voice Signature Keystroke

20 Keogh and Associates Copyright 2003 Biometric Hardware Cost Biometric Implementation Cost

21 Keogh and Associates Copyright 2003 Product Considerations Interoperability User population Maintenance Obsolescence Testing Continuing evaluation Resources

22 Keogh and Associates Copyright 2003 Public Acceptability Finger7 Signature9 Hand7 Iris/Retina4 Facial8 Voice8 Scale is from 1 lowest to 9 highest

23 Keogh and Associates Copyright 2003 Ease of Use Finger8 Signature9 Hand7 Iris/Retina3 Facial5 Voice8 Scale is from 1 lowest to 9 highest

24 Keogh and Associates Copyright 2003 Level of Accuracy Finger8 Signature4 Hand7 Iris/Retina9 Facial4 Voice7 Scale is from 1 lowest to 9 highest

25 Keogh and Associates Copyright 2003 Interfaces Composite video Parallel port Serial port USB port PCIA port Ethernet/intranet Weigand

26 Keogh and Associates Copyright 2003

27 The big challenge is the integration Biometrics has to become a fully integrated component within an complex corporate environment There are very few solutions that meet this challenge today Biometric technology is not the issue – it’s the integrated solution

28 Keogh and Associates Copyright 2003

29 Professional Services can cost 3 to 20 times the biometric hardware cost. Make sure that you biometric software and middleware is compatible and the vendor is supplying a complete solution.

30 Keogh and Associates Copyright 2003 Top Security Mistakes Security threats and risks are not analyzed prior to selection of security technology and design Corporations fail to deal with the awareness and operational aspects of security Lack of robust security policy definition or non-adherence to security policies Absence of non-periodic security audits Lackadaisical implementation of physical security

31 Keogh and Associates Copyright 2003 Security Mistakes By Management Assigning untrained people to maintain security Failing to understand the relationship of physical security to the business problem Failing to deal with the operational aspects of security Authorizing reactive, short-term fixes leading to problems re-emerging

32 Keogh and Associates Copyright 2003 User Considerations User privacy concerns User perception Target user characteristics User difficulties Ease of use

33 Keogh and Associates Copyright 2003 User Attitude No matter how hard you try, if your customers or employees do not like the system, the system performance will suffer Educate the users prior to implementation in a positive approach to the implementation. This will help to alleviate “user malfunction”

34 Keogh and Associates Copyright 2003 Impact Are there any privacy issues? Will the biometric access have to meet any standards (ISO, government, etc.)? How will the system be implemented and who will control the implementation? What will be the impact to the customers, employees, etc.?

35 Keogh and Associates Copyright 2003 Privacy Issues Physical Privacy –The stigma af only criminals have their picture taken or their fingerprints taken. I’m an honest person –This will hurt me. The laser will hurt my eyes … –Non-hygenic. I’m not touching that after he touched it

36 Keogh and Associates Copyright 2003 Privacy Issues Information Privacy –The ability to control information about onesself. This is soon to become a mandatory concern. –Ability to search records about a person in real time. Effectively tracking that person. –Misuse of data –Using information for other that authorized purpose

37 Keogh and Associates Copyright 2003 Centralize the identity management functions of the organization in a single place so that they can be effectively managed and the appropriate level of trust can be maintained in the authentication process.

38 Keogh and Associates Copyright 2003 Scalability For any biometric identity system to be worth the investment, it must scale to meet the company’s projected requirements. You must specify the system by: Number of users enrolled Number of concurrent authentications supported Average response time Longest response time Availability criteria

39 Keogh and Associates Copyright 2003 Availability In a critical enterprise scenario, availability is a key requirement. While no single technology component can ever be guaranteed to be 100% available an effort must be made to choose components that minimize average failure time for any component.

40 Keogh and Associates Copyright 2003 The success or failure of a biometric security installation in a client’s application is not dependent on the reliability of the biometric product alone !!!!!

41 Keogh and Associates Copyright 2003 Training is the key to any successful implementation and deployment of a biometric security system. Developing a security wise culture within the company is a must. AND IT DOES’NT STOP THERE!! Training is an ongoing proposition or it is a waste.

42 Keogh and Associates Copyright 2003 PROTECTION DETECTION REACTION

43 Keogh and Associates Copyright 2003

Download ppt "Keogh and Associates Copyright 2003 A LOOK AT LARGE SCALE DEPLOYMENTS Presenter Colin Keogh Keogh and Associates."

Similar presentations

Computer Fraud Chapter 5.

Computer Fraud Chapter 5.
2 Issues of the information age Computer _______ and mistakes –Preventing computer related waste & mistakes Computer crime –Computer as tool to commit.

2 Issues of the information age Computer _______ and mistakes –Preventing computer related waste & mistakes Computer crime –Computer as tool to commit.
15 Tactical Improvements to IT Security Virtual Keyboard, Two Factor Authentication, Active Confirmation and FAA Access to CPS Online Ganesh Reddy.

15 Tactical Improvements to IT Security Virtual Keyboard, Two Factor Authentication, Active Confirmation and FAA Access to CPS Online Ganesh Reddy.
Chapter 14 Network Design and Implementation. 2 Network Analysis and Design Aspects of network analysis and design Understanding the requirements for.

Chapter 14 Network Design and Implementation. 2 Network Analysis and Design Aspects of network analysis and design Understanding the requirements for.
WHY USE A FLUID SEALING SPECIALIST? FOR SAFETY & RELIABILITY BECAUSE…….

WHY USE A FLUID SEALING SPECIALIST? FOR SAFETY & RELIABILITY BECAUSE…….
Smart Grid - Cyber Security Small Rural Electric George Gamble Black & Veatch

Smart Grid - Cyber Security Small Rural Electric George Gamble Black & Veatch
Security, Guaranteed By Biometrics The new generation of access control and time & attendance products WRS Technology Services Authorized Reseller San.

Security, Guaranteed By Biometrics The new generation of access control and time & attendance products WRS Technology Services Authorized Reseller San.
Copyright © 2015 McGraw-Hill Education. All rights reserved. No reproduction or distribution without the prior written consent of McGraw-Hill Education.

Copyright © 2015 McGraw-Hill Education. All rights reserved. No reproduction or distribution without the prior written consent of McGraw-Hill Education.
Security Controls – What Works

Security Controls – What Works
MSIS 110: Introduction to Computers; Instructor: S. Mathiyalakan1 Systems Design, Implementation, Maintenance, and Review Chapter 13.

MSIS 110: Introduction to Computers; Instructor: S. Mathiyalakan1 Systems Design, Implementation, Maintenance, and Review Chapter 13.
Chapter 12 Strategies for Managing the Technology Infrastructure.

Chapter 12 Strategies for Managing the Technology Infrastructure.
Security Engineering II. Problem Sources 1.Requirements definitions, omissions, and mistakes 2.System design flaws 3.Hardware implementation flaws, such.

Security Engineering II. Problem Sources 1.Requirements definitions, omissions, and mistakes 2.System design flaws 3.Hardware implementation flaws, such.
Pertemuan 11-12 Matakuliah: A0214/Audit Sistem Informasi Tahun: 2007.

Pertemuan Matakuliah: A0214/Audit Sistem Informasi Tahun: 2007.
Why Cryptosystems Fail Ross Anderson Presented by Su Zhang 1.

Why Cryptosystems Fail Ross Anderson Presented by Su Zhang 1.
March 3, 2014. ORGANIZING TO MAKE A PROFIT OBJECTIVES By the end of the session, participants should be able to: Appreciate the need for planning before.

March 3, ORGANIZING TO MAKE A PROFIT OBJECTIVES By the end of the session, participants should be able to: Appreciate the need for planning before.
The future shape of business is being redefined through outsourcing.

The future shape of business is being redefined through outsourcing.
Introduction to Network Defense

Introduction to Network Defense
Release & Deployment ITIL Version 3

Release & Deployment ITIL Version 3
IDENTITY & ACCESS MANAGEMENT TOTAL COST OF OWNERSHIP STUDY Research by independent consultancy Rencana.

IDENTITY & ACCESS MANAGEMENT TOTAL COST OF OWNERSHIP STUDY Research by independent consultancy Rencana.
What is Business Analysis Planning & Monitoring?

What is Business Analysis Planning & Monitoring?

Similar presentations

Ads by Google