His laptop carries an embedded fingerprint swipe reader that prevents others from masquerading as Joe. When he powers on his laptop, a touch of his finger to the mouse grants Joe access to specific applications, files, databases and even individual functions. Fingerprint identification is also available for his keyboard and even his PCMCIA cards.
Fingerprints are able to reliably provide "proof of presence" that ensures that the laptop can be accessed only by the actual people to whom permission is specifically granted.
Redwood City, Calif.-based DigitalPersona offers a fingerprint authentication solution that allows users to log on to Microsoft Windows Vista and XP Professional computers and networks with the touch of a finger. When added security is required, multicredential authentication can be enforced.
Many vendors offer fingerprint authentication solutions for less than $100 per user, according to Jeffrey Bernstein, senior director, information assurance, at security consulting firm Asero Worldwide in Washington, D.C.
Scan thermal imaging and even 3-D face readers are also available to control laptop, desktop and network access from companies like AuthenTec, based in Melbourne, Fla., and L-1 Identity Solutions in Stamford, Conn., to name a few.
Preventing Peripheral Damage
Joe is also aware that danger lurks in the peripherals that he, or others, might connect to this laptop-an MP3 player, memory stick, optical device or even the network printer. So he uses an endpoint access manager that controls, monitors and logs how his data is downloaded and uploaded to those endpoints. He can block all actions from those peripherals, permit specific actions or just monitor the activities on all of his communication interfaces.
Companies such as ControlGuard in Bridgewater, N.J., offer this type of solution for about $25 per user. Their product is now being built into several models of SanDisk memory stick products.