Problem solve Get help with specific problems with your technologies, process and projects.

Is there a way to bridge physical and logical security without using smart cards or biometrics?

Identity management and access control expert Joel Dubin explains how a corporation can merge physical and logical security without using expensive measures, such as smart cards and biometrics.

For smaller companies that may not be able to afford the cost of biometrics, smart cards, etc., are there any other IAM technologies that can bridge physical and logical security?
Anything that bridges physical and logical security requires a hardware investment, which costs money -- no matter how it's done. Biometrics and smart cards are the obvious choices, but they can be costly as well.

Merging physical and logical security systems also strengthens physical security. A plain user ID displayed to a guard at a gate doesn't compare to a smart card with embedded credentials stored on an authentication server that needs to be scanned by a reader to allow access.

But there are guidelines a smaller company can follow without putting a strain on its budget.

One is the Homeland Security Presidential Directive-12 (HSPD-12), a directive that started out as a way to standardize physical access to government facilities but ended up as a program for merging physical and logical security. HSPD-12 requires uniform smart cards for accessing both government facilities and their IT systems.

Again, the smart card system required by HSPD-12 may be too expensive for your company. But the guidelines detailing implementation of HSPD-12 and the Federal Information Processing Standard Publication 201 (FIPS 201) may offer suggestions for setting up a system meeting your budget.

Some companies offering products to private industry are AMAG Technology, CoreStreet, Gemalto and Intercede. AMAG offers a Windows-based system geared for small businesses. CoreStreet has a handheld device, PIVMAN, which is well-suited for smaller offices. The device can be configured to read bar-coded driver's licenses -- saving you from the headache of deploying smart cards.

Options exist for smaller companies, but some hardware, even if minimal, will be required at some cost.

For more information:

  • In this tip, contributor Mark Diodati explains why implementing a common authenticator for physical and logical security takes time and careful consideration.
  • Visit SearchSecurity.com's Identity Access and Management Security School and learn how IAM tools can be used to improve compliance.
  • This was last published in October 2007

    Dig Deeper on Two-factor and multifactor authentication strategies

    Have a question for an expert?

    Please add a title for your question

    Get answers from a TechTarget expert on whatever's puzzling you.

    You will be able to add details on the next page.

    Start the conversation

    Send me notifications when other members comment.

    Please create a username to comment.