The Introduction of Biometrics Security into Organizations: A Managerial Perspective

Article excerpt

Security threats are on the rise and it has become a major challenge for systems managers, public and private officials to come up with new and more comprehensive security systems in order to keep the hackers and computer criminals at bay. Biometrics has attracted much attention after the September 11, 2001 attacks in the United Sates. Biometrics securities use a physiological element to enhance security measures. Biometrics offers certain characteristics not available in other security measures. The goal of this article is to present a systematic approach for the introduction of biometrics as a security measure into your organization. The article proposes a six-step guide that if followed should significantly increase the chances of success for using this fast growing technology. The steps are (1) understanding security threats and measures, (2) understanding access control, (3) understanding biometrics measures, (4) understanding common applications of biometrics, (5) understanding sample case examples, (6) putting together a plan for implementation.

Introduction

Computer and network security has become critical for most organizations, especially in recent years with "hackers," or computer criminals, becoming more numerous and more adept at stealing and altering private information. Hackers use a variety of tools to break into computers and networks, such as sniffers, password crackers, rootkits, and many others, which can be found free on the Web. Security has also become a challenging task for civilian and government agencies such as border management, welfare systems control, and airport safety.

A comprehensive security system protects an organization's resources, including information and computer and network equipment. The information an organization needs to protect can take many forms: e-mails, invoices transferred via electronic data interchange (EDI), new product designs, marketing campaigns, customer databases, and financial statements. Security threats involve more than stealing data; they include such actions as sharing passwords with coworkers, leaving a computer unattended while logged on to the network, or even accessing questionable Web sites and network systems. A comprehensive security system includes hardware, software, procedures, and personnel that collectively protect information resources and keep intruders, hackers, and criminals at bay.

Billions of dollars are lost every year due to various security breaches. The Open Security Foundation collected information on 450 incidents during 2010. In the first quarter of 201 1 it has already collected 94 incidents affecting millions of people. According to the report 34% of security breaches on the Internet have involved names and addresses and 29% involved Social Security Numbers. Other personal data affected includes: dates of birth, credit card numbers, and medical information (Buenaventura, 2011).

Yet another challenging task that many organizations are facing in recent years is the access of the various systems within the same organization by its own employees. Some organizations have implemented a single-sign on procedure in order to provide more convenience and ease of access for the employees. In many such situations passwords are used. As discussed later in the paper, one of the major shortcomings of passwords is the role that humans play in keeping its integrity. Employees may forget their passwords, write them on sticky notes or share them with other coworkers. Biometrics measures could significantly improve the integrity of information resources by providing a unique attribute and reduce the role of humans in improving the effectiveness of security systems.

After review of literature and examination of several real life case examples, the goal of the article is to present a systematic approach for the introduction of biometrics as a security measure into your organization. The article proposes a six-step guide that could significantly improve the chances of success for the introduction of biometrics into your organization. …