Biometric access control is one of the most popular topics on the minds of security professionals these days and for good reason. Access control and the overall management of access points, whether doors, turnstiles, computer systems, or operational controls is among the first areas of concern for most physical security managers, facility directors and IT managers.
Another growing trend in access control is the move by organizations to go “passwordless”. Microsoft recently announced its move to passwordless authentication by eliminating them in Microsoft Windows 11. Why eliminate passwords? Look no further than the numerous breaches and ransom attacks; mostly fueled by phishing scams and the sharing of what someone knows, a password or pin.
Providing the necessary security and access restrictions while providing the demanded convenience is one of the toughest balancing acts in enterprise security. This balancing act continues to grow more difficult as the convergence of the physical security team and the organization’s IT team contend to control the complete systems integration effort.
Traditional access control, with its ubiquitous key cards or use of passwords, has been around for several decades now. Of late, biometric technologies have emerged, but these are typically “one-off” point-solutions that are not only costly but rife with other issues like privacy concerns (shared databases of the biometric information in one place) and hygiene (the need for multiple people to touch the same sensor).
By definition, biometrics is a method of establishing a person’s identity based on chemical, behavioral, or physical attributes of that person such as fingerprints, irises, hand geometries, voice patterns, or other unique human characteristics. In principle, a biometric access control system is a pattern recognition unit that gathers a specific type of biometric data from a person, compares that feature to a preset group of attributes in its database, whether in an access control system or an Active Directory, and then unlocks the door or computer (or whatever action is needed).
This action of comparing the human characteristic to a database of multiple people’s biometric data is where things can get challenging.
In this article, we are going to look at one biometric access control solution and how it is dealing with this challenge of human attribute matching and identity matching.
Sentry Enterprises out of West Chester, Pennsylvania is the manufacturer of the multi-patented SentryCard biometric platform. The SentryCard is believed to be the first open-architected, self-contained, biometric platform in the world. The ‘self-contained’ part was emphasized on purpose as this important part is what is setting the SentryCard apart from other biometric access control vendors.
Here is what SentryCard is doing differently: The biometric data of a SentryCard user is enrolled, stored, and matched solely within the SentryCard itself, never touching an external database and not requiring any ancillary software. This “separation of identity” from any other system fits well in the definition of a “zero-trust” network, an approach that is growing in popularity.
Beyond privacy-protection, the SentryCard is also growing in popularity as it is designed to work with an enterprises existing equipment and infrastructure (both for physical and logical access); saving the cost and time of deploying stand-alone solutions. The SentryCard essentially turns every existing reader in a building into a biometric reader immediately. The SentryCard is also equipped with FIDO2, an established standard for multi-factor computer authentication.
This is a significant concept implementation with tremendous positive security implications. Why? Critically, because this process removes the “validation process” vulnerability of needing to match the biometric read to database, whether in a building or in the cloud. How important is this protection? Look no further than the fines related to privacy in the General Data Protection Rights (GDPR) legislation in the EU or the growing Biometric Information Protection Acts sprouting up all across the U.S.
“We built the Sentry as a platform to provide broad use and utility. Better yet, enterprises can phase in the SentryCard to address their most critical vulnerabilities first, avoiding the need to re-badge an entire organization to reap its benefits” stated John Calzaretta, President at Sentry Enterprises.
Want even more fun reading about access control challenges. READ this article (link: https://www.chicagotribune.com/news/breaking/ct-ohare-trespasser-arrest-20210117-aad2craysvehzmk5rm6l23p3l4-story.html ) about a man that lived INSIDE Chicago’s O’Hare airport for three months before being detected.
Sentry Enterprises is driving a new paradigm of converged biometric security, shifting away from relying on legacy forms of identification to the use of biometrically authenticated identification.Source: sentryenterprises.com