Distributed Security System – Securing the Future from the Inside Out
by: Jacklyn Williford and Bill Clark
In 2014, 50% of organizations had a data breach; 67% of the data breaches used compromised passwords and an average data breach cost was close to $3.5 million. We hear the facts and figures persistently through every media source imaginable. We are inundated with the fact that the internet and our personal world are not secure.
The information in peril includes our Personally Identifiable Information (PII), Electronic Health Records (EHR), as well as the personal information banks, credit card companies, government agencies (such as Social Security, IRS, and Medicare), and employers, keep on file.
Our tablets and smartphones can have password locks and tracing software for locating and shutting down the device should it be stolen. Our homes can be protected by a security system managed through keypad entry and a spoken password. Our cars may be equipped with a GPS tracking system that will not only locate the stolen vehicle, but shut down the engine of the car. In every case, our personal information is stored in a database so that each of us may be verified as the “owner” of the account.
A great number of the 2014 statistics were performed by outside hackers. A search of the internet provides many articles about training a user in the art of hacking! Target, Veteran’s Administration, and Anthem Blue Cross are just a few of the casualties of this type of information violation.
Security software is prevalent, which enables you to further lock down sensitive data. HOWEVER, one of the key questions we should be asking ourselves, who within the bank, HMO, 401K investment firm, credit card agency, etc. has access to this detail? Is our data secure from personnel inside the organization who have no reason or right to view and distribute this sensitive information?
ImageWare® Systems’ Distributed Security System (DSS) provides security that is based on biometric authentication and authorization, and can be integrated into applications, hardware, databases, users/groups, and information resources. While protecting your company from external security threats, DSS plays an important role in making sure your company is also secure from the inside out.
This is done by limiting a user’s access and actions to those system areas they are allowed and by defining access rights and privileges. In addition, all internal and external attack attempts are audited with appropriate warnings being sent to assigned personnel. DSS allows an organization to:
- Control users who have access to the system
- Provision users with appropriate privileges based on their assigned company role
- Make sure the user is limited to only those areas/functions that have been assigned to their role(s)
- Protect designated data both when being transmitted as well as when at rest in the secure database
- Maintain the integrity of system resources (i.e. files and folders)
- Audit and prevent internal and external attacks on the system
- Maintain the integrity of the information provided by the encrypted read-only audit logs, which record all relevant system events and user actions as determined by your organization
In addition to being comprehensive, the IWS Distributed Security System is flexible, allowing for many types of biometric user authentication. The system can be adapted to meet the requirements of an organization by allowing an appropriately provisioned user to determine the rules governing users, groups, and resources as well as the inclusion of digital signing and encryption. Also, DSS is scalable with there being no effective limits on the number of users or resources being supervised.
For more information on IWS Distributed Security System, please contact Jacklyn Williford at firstname.lastname@example.org.