Despite unfounded privacy concerns, biometrics provides superior security

In a survey of IT decision-makers conducted by Forrester Research Inc., 13 per cent of respondents said they predicted their companies will be using biometrics by the end of 2005 (please see Most firms shy away from biometrics, page 17). The majority said they would be relying on “strong password policies” to control network access. You’ve probably read, or even formulated, disseminated and enforced, the type of strong password policy Forrester is talking about. Don’t use the name of a close relative. Don’t use words that can be found in the dictionary. Use something that would be impossible for someone who knows you well to guess. Oh, and by the way, don’t write it down. This is wishful thinking, considering more than one in four respondents to a recent AT&T Global Services study said they wrote their passwords down (see Converged networks give IT administrators security concerns, page 10).
The unwritten rule for IT departments is to establish a procedure to allow workers who forget their passwords to restore them quickly.
Biometrics is not a silver bullet for IT security. The readers cost money and can result in false positives, and biometrics alone does not address the issue of security breaches caused by careless or malicious insiders. There are alternatives to biometrics, such as public key infrastructure cards, that address the weaknesses of passwords. But it’s the perception that fingerprint readers are somehow an invasion of privacy that seems to discourage their use.
Smart cards are more likely to be lost or stolen than fingers, and the only way to overcome a properly-functioning biometric security system is to kidnap someone with legitimate access. But people seem fixated on the notion that somehow the recording of their fingerprints will lead to a totalitarian system in which everyone is under constant surveillance. If you want something to worry about, think about the banks, insurance companies and clinics that rely on passwords alone to protect your financial and health records.

Would you recommend this article?

Share

Thanks for taking the time to let us know what you think of this article!
We'd love to hear your opinion about this or any other story you read in our publication.


Jim Love, Chief Content Officer, IT World Canada

Featured Download

Featured Story

How the CTO can Maintain Cloud Momentum Across the Enterprise

Embracing cloud is easy for some individuals. But embedding widespread cloud adoption at the enterprise level is...

Related Tech News

Get ITBusiness Delivered

Our experienced team of journalists brings you engaging content targeted to IT professionals and line-of-business executives delivered directly to your inbox.

Featured Tech Jobs