1. CorporateInformationSecurity Corporate Information Security User Identification & Logical Access Control

2. Corporate Information Security Logical Access Control – Heart of Security Efficient Control Mechanisms  User identification, authentication & authorization  Centralized user rights management  Logging & auditing

3. Corporate Information Security Passwords: Security Bottlenecks Most Likely Security Breaches  Easy to guess passwords  Same password for all applications  Password sharing  Not keeping passwords secret

4. Corporate Information Security Security Stats  Half of help desk calls are password- related Source: Lenovo  $ 150 per user annually - operating expenses for managing user accounts Source: SC Magazine  $ 25-50 - average cost of processing a single help desk call Source: Compulenta

5. Corporate Information Security Biometrics: Efficient & Reliable  Identification of a person, not of a password, token or card  Intuitive & easy to use technology  Non-repudiation of biometrically confirmed actions  Users do not have to know or remember passwords  No password sharing

6. Corporate Information Security Integration CorporateData AD Integration Shared Resources Workstations VPN Physical Access Applications E-mail T&A Internet

7. Corporate Information Security IDenium Purpose  Safeguard data against unauthorized access  Replace a vulnerable password system with biometric IDs

8. Corporate Information Security IDenium Functions  User Access Control  A fingerprint is a single key to network data, applications, e-mail & Internet  Secure Standby & screensaver modes  Support for Windows & Novell  Logging Access Events

9. Corporate Information Security IDenium Functions  Centralized User Management  One-time enrollment of users & credentials  Domain controller interaction  Network access from any network PC

10. Corporate Information Security Architecture User Account of a Specific Application Novell User Account Windows User Account CITRIX User Account Workstations Windows Domain Controller Applications & Web-applications Workstations and/or Clients CITRIX Server Novell Server Workstations Identification of Windows Users User Identification in Applications Identification of CITRIX Users Identification of Novell Users

11. Corporate Information Security IDenium for AD Windows Domain Controller Workstation 1234 Identification Server Microsoft Windows AD Database 1 Digital Fingerprint Template 2 Data Required for User Authentication 3 4 Synchronization

12. Corporate Information Security AD Integration IDenium is fully integrated into Active Directory (AD):  Centralized storage, protection & transfer of user ID data via AD tools  Centralized user rights management  BioLink tabs in ADUC BioLink - Enroll Tab

13. Corporate Information Security IDenium Components  Client SW  IDenium Windows Logon  Password Vault  Admin SW  Admin Pack  Synchronization Agent  Password Changer

14. Corporate Information Security IDenium Windows Logon  Verifying user identity when logging on to the OS or applications  User verification in other applications compliant with IDenium Windows Logon & Authenteon Server  Workstation unlocking by a fingerprint Workstation Unlocking

15. Corporate Information Security Password Vault  Replacing passwords with biometric IDs in applications & Internet  Script recording to replace a password  Several scripts for an application  Automated script execution upon successful fingerprint identification List of Scripts

16. Corporate Information Security Admin Tools  Admin Pack  Centralized enrollment of users & fingerprint data  Setting-up identification policies & other administrative tasks  Synchronization Agent  Synchronization of AD catalogue data & biometric ID data stored on Authenteon

17. Corporate Information Security Admin Tools  Password Changer  Generation of random passwords  Attaching new passwords to relevant user accounts & biometric IDs  Admin-defined generation frequency  No access to unauthorized users by stolen passwords

18. Corporate Information Security IDs Enrollment “Windows Security” window for users to enroll their fingerprint identifiers  Biometric IDs can be enrolled while adding a new user account in AD - when hiring a new employee, at administrator’s workplace.  Biometric IDs can be enrolled by users themselves at their workplaces when deploying IDenium.

19. Corporate Information Security Selection of Identification Policies Selecting an Identification Policy  User identification only by fingerprints is recommended for most users  User identification by a fingerprint OR password is recommended for administrators and security staff  Two-factor identification by a fingerprint AND password is recommended for the most sensitive data

20. Corporate Information Security Customization & Management Options Окно настройки сервиса IDenium Settings window  Add users (or user accounts), edit properties & delete  Enable/disable ID data caching  Hide the actual fingerprint image while scanning  Generate random passwords for Windows user accounts

21. Corporate Information Security Identification Servers  BioLink Authenteon  Software-and-hardware server  Hot swappable  Unlimited number of users  BioLink Authenteon Software Appliance (ASA)  Software server for MS Windows  Number of users – up to 1 000  Scalable

22. Corporate Information Security Biometric Scanners Scanning MethodOptical Scanning Window Size25.5 x 18 mm Scanning Speed15 fingerprints per second Resolution508 dpi False Acceptance Rate (FAR) 10 - 9 (1 out of 1 000 000 000) InterfaceUSB 2.0/1.1, Plug&Play, 2 m cable included

23. Corporate Information Security Biometric Scanners  Compact & ergonomic  Cost-effective & durable  Quickly attached to a computer  Ready for operation upon installation of BioLink IDenium  Used to secure corporate networks & stand-alone PCs

24. Corporate Information Security Biometric Scanners BioLink U-Match 3.5 - BioLink U-Match 3.5 - USB Scanner for Office Use  Dimensions (length x width x height): 45 x 63 x 26 mm  Weight: 120 g BioLink U-Match 5.0 - BioLink U-Match 5.0 - USB Scanner with a Card Reader  Supported smart card standards: ISO 7816, EMV 2000  Smart card power supply: 5 V, 3 V & 1.8 V  Transmission speed: up to 119 Kbps  Card type detection: automatic

25. Corporate Information Security IDenium Benefits  Data security increase  Cost-effectiveness  Scalability  Fault-tolerance  Ease of use

26. Corporate Information Security Data Security Increase  Reliable, accurate & quick user identification by distinct parameters  Eliminated threat of identification by lost/stolen identifiers  Multi-factor identification for sensitive data  Integration options for logical & physical access & T&A systems

27. Corporate Information Security Cost-Effectiveness  Faster access to protected resources  Biometric IDs never fail  Reduced admin load  Decreased access infrastructure management expenses

28. Corporate Information Security Scalability  Unlimited number of users  Server clusters & load balance options  Centralized installation & management  Seamless integration into legacy corporate systems

29. Corporate Information Security Fault-Tolerance  Hot swappable biometric ID servers  Data replication options  Local cache options in case of failed LAN

30. Corporate Information Security Ease of Use  One-time enrollment of users’ biometric data  Identification by any enrolled fingerprint  A fingerprints is a single key to resources & applications  User-friendliness

31. Corporate Information Security CorporateInformationSecurity Corporate Information Security User Identification & Logical Access Control www.bio-metrica.com info@bio-metrica.com Thank You!