Merging physical and logical security systems also strengthens physical security. A plain user ID displayed to...
a guard at a gate doesn't compare to a smart card with embedded credentials stored on an authentication server that needs to be scanned by a reader to allow access.
But there are guidelines a smaller company can follow without putting a strain on its budget.
One is the Homeland Security Presidential Directive-12 (HSPD-12), a directive that started out as a way to standardize physical access to government facilities but ended up as a program for merging physical and logical security. HSPD-12 requires uniform smart cards for accessing both government facilities and their IT systems.
Again, the smart card system required by HSPD-12 may be too expensive for your company. But the guidelines detailing implementation of HSPD-12 and the Federal Information Processing Standard Publication 201 (FIPS 201) may offer suggestions for setting up a system meeting your budget.
Some companies offering products to private industry are AMAG Technology, CoreStreet, Gemalto and Intercede. AMAG offers a Windows-based system geared for small businesses. CoreStreet has a handheld device, PIVMAN, which is well-suited for smaller offices. The device can be configured to read bar-coded driver's licenses -- saving you from the headache of deploying smart cards.
Options exist for smaller companies, but some hardware, even if minimal, will be required at some cost.
For more information:
Dig Deeper on Two-factor and multifactor authentication strategies
Related Q&A from Joel Dubin
After a server room door has been compromised, finding a more secure solution is of utmost importance. Learn how to choose a server room door that ...continue reading
In the IAM world, what's the difference between access control and identity management. This IAM expert response explains how the two relate as well ...continue reading
When working with PeopleSoft and Unix, which single sign-on (SSO) vendors offer the most effective products? Learn how to choose an SSO product in ...continue reading
Have a question for an expert?
Please add a title for your question
Get answers from a TechTarget expert on whatever's puzzling you.