Data center physical security planners are turning to sophisticated technologies like biometrics more often according to recent projections.
Biometrics is the science and technology of measuring and analyzing biological data. In information technology, biometrics refers to technologies that measure and analyze human body characteristics, such as fingerprints, eye retinas and irises, voice patterns, facial patterns and hand measurements, for authentication purposes.
According to the International Biometric Group's Biometrics Market and Industry Report 2006-2010, "Global biometric revenues are projected to grow from $2.1 billion in 2006 to $5.7 billion in 2010, driven by large-scale government programs and dynamic private-sector initiatives."
With biometrics protection, IT pros can obtain physical and logical access control. With physical security, a biometric device is set up at an access point outside the data center to protect its physical elements. Logical access control protects the network remotely by using devices set up at individual PCs. Employees are required to use these devices to gain access to companies' systems.
Louisville, KY-based, Maximum ASP, a web hosting company, decided to implement biometric fingerprint readers after having previously used proximity cards. "Proximity cards are not the most secure things out there," said Eric Peek, lead security administrator of Maximum ASP. Company employees must now use a fingerprint reader to enter and leave the building as well as use other readers to gain access to other office spaces and the network operations center.
Art Stewart, vice president of business development of Melbourne, Fla.-based, AuthenTec says company size is important in determining which technology to buy. At smaller companies, Stewart says, maybe only a few people will need access to the center, warranting a standalone fingerprint reader device without a network connection. On the other hand, in an enterprise company where hundreds of employees may need physical and logical access, a network connection would be required.
Mark Jerde, CTO Gaithersburg, Md.-based, Identification Technology Partners also thinks it is important to consider fellow employees, get their feedback, and confirm that everyone can use the biometric technology. If not, there needs to be an alternative. For example, there may be users who are disabled or missing limbs that would prohibit them from using fingerprint readers. Iris scans have been reported to be reliable, but they can be problematic for users with cataracts.
Fingerprint readers have been the most popular biometrics devices on the market for years and reasons include cost, easy installation, and reliability. Installing a fingerprint reader for physical access can be a straightforward process. In companies where a traditional card reader is already in place, biometric devices can be placed in the same location.
Once an access point is set up for physical access, it is just a matter of putting the software on the machine and biometrically enrolling users, getting their fingerprints entered into the system.
There are many market offerings available in a wide range of prices. Before committing to one particular product or system, Stewart suggests buying product evaluation kits from manufacturers, which can be purchased for a small fee. "You can experiment with the technology; you can rate the performance among multiple users so you get a good all-around test," said Stewart.
For those IT professionals who do not have an in-house security person, Peek believes a consultant may be the way to go. "If you are not knowledgeable in physical security as well as IT security, you should definitely outsource this," he points out. "You could put your access in the wrong points."
While there is a lot of preliminary work associated with implementing a biometric system, benefits can be realized.
Let us know what you think about the story; e-mail: Matt Stansberry, Site Editor