October 5, 2006 By Gina M. Scott
These problems are primarily a human factor. Four out of five people would give their password to a co-worker, and most people either write down their passwords or use very easy words such as the name of a pet or child. To remedy this, Sherwood suggested that people use so-called "strong" passwords -- combinations of upper- and lowercase letters, numbers and symbols -- and that passwords never be written down. The only problem is that most people cannot remember such "strong" passwords, like the example Sherwood gave: Idn@^78*&3NpRz. "The efficiency of password security is not in sync with the reality of human behavior," Sherwood explained.
As a possible answer to this problem, the seminar covered integrating biometrics into a company's security network. Patrick Honny of the San Bernardino County Recorder's Office discussed his office's use of fingerprint scanners to eliminate some of the costs associated with lost passwords. Honny explained that the fingerprint scan system reduced the number of help desk calls and increased network security.
Vance Bjorn, CTO of DigitalPersona -- the company that makes the finger-scanning program used by Honny's office -- says that employees' fears of a possible "Big Brother" situation can be eased, since the program "stores minutia points in an encrypted format." These "finger templates" are not the typical fingerprints that law enforcement would use; they are stored as mathematical equations.
You may use or reference this story with attribution and a link to
http://www.govtech.com/security/Internet-Seminar-Solving-the-Human-Factor.html
This story hit home. I work in an environment where there are dozens of applications that are being upgraded to function on a website or in a portal environment. Educating personnel and management in the use of strong passwords and user self-service has proven to be a major issue. While some company statistics show that 40-70 percent of a company's helpdesk calls are for password resets, company policy and management are slow to change the standard to an environment that utilizes user self-service and strong passwords. Additionally, as a company retools its applications from legacy and internal-use applications to web-based applications, the workload on a helpdesk will grow exponentially unless there is strong management acceptance and company policy is adjusted to enforce the new standard.