Logical, physical security integration challenges


This article can also be found in the Premium Editorial Download "Information Security magazine: How to dig out rootkits."

Download it now to read this article plus other related content.

8 Convergence Tips (continued)
Take these steps for a successful marriage of physical and IT security.

By Mark Diodati

  1. Enterprise SSO (eSSO) systems
    eSSO systems reduce the number of user logons by replaying usernames and passwords into those applications that require them. Users authenticate once, and are transparently logged on to applications as they click on them. The use of smart cards at the workstation requires the deployment of middleware, so why not make the user's life a little easier by deploying an eSSO client at the same time? One common identity management trend--regardless of any PL convergence goals--is the coupling of stronger authentication systems like smart cards with eSSO systems because it
  2. mitigates the "keys to the kingdom" problem.

  3. Plan emergency access
    Employees will lose their smart cards or leave them at home and get locked out of buildings and IT systems. Emergency access procedures ensure that users can continue to work without their smart card. Some tricks of the trade include self-service kiosks in the building entrance where employees can authenticate and get a temporary smart card, and the use of IT software management tools to temporarily allow the user to authenticate with a password instead of a smart card.

    Requires Free Membership to View

  1. While not technically an emergency scenario, access may be a concern for organizations with a large population of employees who travel without laptops and need access at a public kiosk, which won't likely allow use of a smart card. Hybrid devices that possess both smart card and one-time password (OTP) components can help in this scenario, because the OTP does not require workstation software.

  2. Use egress badging
    Egress badging is an important tool to help determine when an employee has left the facilities. However, its implementation requires reconfiguration of the building entrance, and also that the user badge out when leaving the building, which can cause traffic jams at the door on a Friday. All is not lost, however, if egress badging cannot be implemented. Some PL convergence systems support a "best guess" algorithm to determine if a user is still in the building. For example, if it's 3 a.m., the system will assume the user is not in the building.

This was first published in September 2007

There are Comments. Add yours.

TIP: Want to include a code block in your comment? Use <pre> or <code> tags around the desired text. Ex: <code>insert code</code>

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy
Sort by: OldestNewest

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to: