Lessons from the Field: Security Process Optimization May Start at the Card
Posted on Fri, Nov 12, 2010
By Tony Ball, Senior Vice President, Identity and Access Management (IAM)
HID is a Gold Sponsor of the ASG Security Summit & Expo
As we consider the “Great Conversation”, I wanted to provide some perspectives on key issues faced by today’s Security Executive. While not intended to be a comprehensive list, the following considerations would at least form a baseline for addressing current organizational security challenges.
1. Join forces with the Facilities Department
• As security risks continue to increase, combining IT and physical security strategies is more important than ever
• Coordination between physical and logical security departments allows an organization to reduce security risks while also saving time and money
• Structured collaboration is the key to success, rather than merging the two departments’ initiatives across the board
2. Avoid overly general or vague policies
• Your physical and data security policy on theft and security breaches should be clearly communicated across the organization and backed by a plan for managing non-compliance
• Determine how physical access control and data security technologies should be deployed in alignment with those security policies
3. Leverage existing physical security investment to increase productivity
• Deploy multi-technology cards and readers to leverage existing physical security investment, allowing enhanced physical access and additional layers of data security to be integrated into a single smart card
• Smart cards can increase employee productivity as well as security
For example, a secure printing application only releases print jobs to employees upon presentation of their smart card, safeguarding confidentiality and reducing waste and cost by allowing print jobs to be reviewed and cancelled before being printed
4. Get the most out of smart card technology
• A converged smart card can provide enhanced value and convenience by allowing employees to only use their badge for a range of applications from building access, canteen payments, and access to the on-site gym, while also integrated with the firm’s time and attendance system.
5. Remember your mobile workforce
• As more employees work from home or while traveling, organizations need to support their mobile workforce across multiple locations to ensure network and data security is guaranteed, while preserving convenience and ease of access
• Together with a reader and password or PIN, a multi-authentication converged smart card provides secure physical and logical access
6. Protect your printers
• Sensitive hard-copy information can be easily printed and scanned, posing a potential threat if access to scanned documents and retrieved print jobs is not controlled
• Secure printing and scanning using smart cards allows a user to send a print job to a printer with an embedded contactless reader, meaning that print and scan jobs are released only when the appropriate card is presented.
7. Track and audit for increased security
• Geographic monitoring is a useful way to maximize converged physical and logical access control systems, giving an employee secure access to networks even if they are in a different office location
• Converged systems also mean that an employee can log onto his computer even if he has not used his card at a perimeter reader.
By maintaining awareness of these security trends, the responsible and diligent security executive should be well-positioned to deal with the myriad of threats that his/her organization could face. I’d like to invite your comments on challenges and opportunities faced by your organization.
*Image courtesy of HID Global