Put Your Finger On Security

By Gerry Blackwell | Posted January 09, 2007

Keeping data secure has become a top priority for a growing number of small businesses. At Elektrofilm, a media post-production house in Burbank, Calif., ensuring that only authorized personnel have access to data assets has become a major strategic issue.

Usually, the imperative is to keep one's own data safe from prying eyes. For Elektrofilm, it's a little different. The company's clients — film, television and music production companies — send their pre-release content to Elektrofilm for transfer to video, color correction, sound editing, DVD authoring, distribution and other services. Keeping it out of the hands of media pirates is a huge concern.

As Elektrofilm Chief Information Officer Jason Williamson notes, "A large percentage of intrusions occur from within your own company. You can declare strong password policies, you can have everyone change passwords regularly, you can lock down your desktops. But you can never deal with employees jotting down their password and taping it up in a cubicle."

Solution? Soon after opening its new facility in Burbank, Elektrofilm started using the DigitalPersona Pro Workstation biometric authentication system from DigitalPersona, Inc. Now employees only have to place a thumb or finger on the DigitalPersona fingerprint reader, wait for it to glow red, and their identity is automatically verified over the local network and logged in to Windows and vital company databases.

Williamson considered other automated log-on technologies including USB fobs — USB devices that hang on an employee's key chain — and smart cards, but decided biometric was the way to go. The other technologies took longer for users to log on, and they were too easy to lose or misplace. "People tend not to forget their thumbs in the car," Williamson quips.

Marketing Advantage
The DigitalPersona system will not only help Elektrofilm prevent clients' valuable content from being stolen or tampered with while it's in the company's care, it will also help it win business. Media production companies are beginning to demand that post-production houses prove they can keep digital content secure.

"We're already seeing that trend with RFPs [requests for proposal] coming into our company," Williamson says. "Being early adopters absolutely gives us a marketing advantage. The fact that we addressed the issue early, before it became a business requirement, has created a positive perception of us among clients."

That should translate into winning more business and will eventually ensure that the company doesn't lose business.

Elektrofilm, a relatively new media industry player, has grown quickly in the last couple of years, both through acquisition and a flurry of hiring. It now employs 250 people in two locations in the U.S. (the other is in San Jose, Calif.), two in Germany and one in Great Britain. The Burbank facility, in the heart of the Hollywood media district, is the company's flagship post production center and employs 40 or so people.

It's the kind of environment — fast growth, lots of new hires — in which internal security becomes crucial.

DigitalPersona is one of the leading providers of single-logon biometric authentication systems. Single logon means Elektrofilm employees can use the same fingerprint reader and software to log on to Windows, to internal applications and resources and to Web sites — replacing potentially dozens of passwords. Elektrofilm isn't using the technology yet for Web log-ons, though.

DigitalPersona is a vertically integrated company. It developed and manufactures the fingerprint readers that scan a thumb or finger and quickly create an image. It also developed the algorithms that analyze the whorls and swirls of a fingerprint image and compare it to a stored version to see if it matches. And it developed the workstation and server software that makes the whole system work.

"When we started investigating this, DigitalPersona quickly rose to the top," Williamson says. "Their people were very knowledgeable. And we were impressed with their willingness to act as a business partner rather than just a hardware and software vendor. With a rapidly-growing small business, that's really important."

Most Accurate Elektrofilm was also convinced that the DigitalPersona technology provided the most accurate fingerprint reading — that it did the best job of ensuring that only a workstation's owner would be authenticated by the system and that the legitimate owner would rarely if ever be rejected. It's a claim DigitalPersona makes.

"How that plays out in the big picture is that people put their fingers on the reader less and get in faster," says Chip Mesec, the company's senior product marketing manager.

Mesec says DigitalPersona uses rigorous testing against a standard developed in Britain. The International Biometric Group has offered to oversee competitions among biometric systems providers to see whose fingerprint reading technology is the most accurate. DigitalPersona is so far the only vendor to agree to participate, he says.

One unique advantage of the DigitalPersona fingerprint reading technology is that it will work with reader hardware from other vendors, including swipe-style readers now being built into many laptops. The DigitalPersona algorithms and software actually improve the accuracy of third-party readers by four to 100 fold, Mesec claims.

The DigitalPersona system integrates tightly with Microsoft's Active Directory, the Windows Server component that manages identities and relationships in a network. It can also work in stand-alone mode on a single workstation. Elektrofilm is using it with Windows Server at the Burbank facility and is now in the process of rolling it out to the company's other offices. It will eventually use a centralized authentication system for the whole company.

Low Cost
Elektrofilm paid $118 for each DigitalPersona workstation bundle, which includes the reader and the workstation software, plus $39 per person for licenses for the server-based authentication software, plus about $1,450 for the server software for two network nodes. The cost now to add a new employee is a modest $160.

Is it possible to build a hard-dollar business case for this investment? "You could probably argue that clients come in and are impressed with this so they're inclined to direct business to us," Williamson says. But he admits that at best it's a "fuzzy equation." More to the point, perhaps, is that this kind of security will eventually be a requirement of doing business in Elektrofilm's industry.

The company installed the technology itself. The documentation was good enough that Williamson and one employee were able to do everything required, including installing the server and workstation software. The reader hardware simply plugs into a USB port on the workstation. There was one small problem making it work with the Microsoft software, but DigitalPersona responded to Williamson's call in less than an hour and resolved the issue.

Quick Acceptance
"It's really interesting how quickly employees embraced this technology," Williamson says. "They thought it was really cool. Now they don't have to remember different passwords, they don't have to change their passwords. Not having to remember a mixed 10-digit password takes a lot of the burden of security off of the employee."

He would like to see the DigitalPersona technology available in versions that work on Unix and Linux so Elektrofilm could install the product on its back-office systems as well, but that's not a pressing concern yet.

Bottom Line
If protecting data assets — your own or your customers' — is a concern, a biometric authentication system is at least part of the solution. It will save employees time and trouble, eliminate security loopholes and may, as in Elektrofilm's case, provide a marketing advantage. At less than $150 per person (for the stand-alone workstation version), it's not an expensive solution.

Based in London, Canada, Gerry Blackwell has been writing about information technology and telecommunications for a variety of print and online publications since the 1980s. Just for fun, he also authors features and columns on digital photography for Here's How, a spiffy Canadian consumer technology magazine.

Do you have a comment or question about this article or other small business topics in general? Speak out in the SmallBusinessComputing.com Forums. Join the discussion today!

Comment and Contribute


     

    Get free tips, news and advice on how to make technology work harder for your business.

    Submit
    Learn more
     
    You have successfuly registered to
    Enterprise Apps Daily Newsletter
    Thanks for your registration, follow us on our social networks to keep up-to-date