Merging physical and logical security systems also strengthens physical security. A plain user ID displayed to a guard at a gate doesn't compare to a smart card with embedded credentials stored on an authentication server that needs to be scanned by a reader to allow access.
But there are guidelines a smaller company can follow without putting a strain on its budget.
One is the Homeland Security Presidential Directive-12 (HSPD-12), a directive that started out as a way to standardize physical access to government facilities but ended up as a program for merging physical and logical security. HSPD-12 requires uniform smart cards for accessing both government facilities and their IT systems.
Again, the smart card system required by HSPD-12 may be too expensive for your company. But the guidelines detailing implementation of HSPD-12 and the Federal Information Processing Standard Publication 201 (FIPS 201) may offer suggestions for setting up a system meeting your budget.
Some companies offering products to private industry are AMAG Technology, CoreStreet, Gemalto and Intercede. AMAG offers a Windows-based system geared for small businesses. CoreStreet has a handheld device, PIVMAN, which is well-suited for smaller offices. The device can be configured to read bar-coded driver's licenses -- saving you from the headache of deploying smart cards.
Options exist for smaller companies, but some hardware, even if minimal, will be required at some cost.
For more information:
Dig deeper on Security Token and Smart Card Technology
Related Q&A from Joel Dubin, past SearchSecurity.com expert
The security of RFID chips and smart cards may not be fully mature, but there are best practices to keep facilities safe. Identity and access ...continue reading
Picture passwords for mobile device security aren't a new idea, but they have been recently improved. Identity and access management expert Joel ...continue reading
Hacked smart cards are a large potential threat to enterprises that utilize them. Learn how to thwart smart card hackers.continue reading
Have a question for an expert?
Please add a title for your question
Get answers from a TechTarget expert on whatever's puzzling you.