When it comes to determining authenticity, there are two distinct authentication strategies.
1. Probability Authentication: It is all about Risk Mitigation
The traditional method asks users to declare who they are and then infers their identity using conventional risk-assessment techniques. This approach has many facets and has evolved over time, but it usually relies on something the person knows, such as a password. Note what a password actually proves: possession of a shared secret, not identity. In a recent Ponemon Institute study, 47% of employees admitted to sharing passwords with co-workers or contractors, and 44% admitted to writing their password down so it could be easily retrieved. Clearly, passwords alone are not a secure solution.
Attempts to strengthen the method and further reduce the associated risk require the user to possess something physical (a token or a smart card). While this extra factor makes authentication less risky and makes it more likely that the user is who they claim to be, the result is still only an estimate of identity and falls short of positive identification.
The next evolutionary step was to add biometrics to the identity assessment in an attempt to determine authenticity physically. Adding biometric technologies to the authentication mix significantly improved the process, but unless the biometric reading can be proven to be live (a fresh sample taken from the person present, not a copy of an earlier one), it is not irrefutable proof and still carries an element of risk.
Another Ponemon Institute study found that in 2008 more than 88% of data breach cases involved insider negligence. Why should the authentication process entail any measure of risk at all?
2. Genuine Authentication: Positive physical identification
"Genuine" means not fake or counterfeit, while "authentic" means conforming to fact and therefore worthy of belief and trust.
When you watch a video of a friend's wedding, you see the guests, hear their voices and immediately recognize them as your friends. Why should the authentication process be any less certain? The current state of the art in authentication uses provably live biometrics as its evidence. Until very recently, capturing a live biometric sample required expensive, intrusive, specialized hardware. Recent advances in software engineering now allow live biometric sampling on inexpensive commodity hardware.
Passwords can be guessed, forgotten, stolen or lent out; tokens and smart cards can be lost, stolen or left at home; static biometric samples can be forged, copied, purchased and replayed.
You have invested heavily in your corporate assets, and they are worth a great deal. Why leave the front door open?