Start-up company develops card-based security for PC
- By Colleen O'Hara
- Nov 01, 1998
A 1-year-old security company in Israel has developed a smart card security system that protects a user's PC from unauthorized access by locking the PC when it senses the user is away from the machine.
First Access Ltd. designed a system that consists of client/server software, a smart card that identifies a user and a sensor that reads information on the card at a distance up to 17 feet.
Each user is issued a smart card that is recognized automatically by the system sensor when the user approaches the machine. The PC is either turned on when the user approaches or locked when the user leaves the room.
The First Access products protect agencies from the most serious security problem, said Dov Sharon, executive vice president at First Access, referring to internal security breaches. A recent survey showed that of the 73 percent of organizations that experienced a security breach in the past year, most of the break-ins— 58 percent— came from authorized employees, he said. Some of the threats include reading, stealing or accidentally deleting data. The First Access products can work on a stand-alone machine or in a networked environment.
Contactless smart cards, which do not have to be swiped through a smart card reader to work, offer greater security over biometrics or traditional smart cards, Sharon said, because they require less user involvement. "Our card looks like a smart card or a badge and identifies you once you are in the vicinity. Log-on is transparent," Sharon said. "The desktop is locked when you leave, but the applications continue to run in the background."
The company offers three products: First Access Enterprise, which is an authentication and authorization system for the enterprise network; First Access WorkStation, which is designed to integrate into an existing authentication system; and a First Access Hardware Kit, which is designed for OEM integration.
First Access Manager software, which is an extension to Microsoft Corp.'s Windows NT user manager, gives each user access to a subset of workstations and certain network resources. Additional levels of security, such as personal identification numbers, can be integrated into the system. The system also can be configured so that a certain number of users with clearance must be present before access is granted.
Sharon said the company expects to establish an office in the Washington, D.C., area within a year and a half to serve the federal government .
"The government market is important to us," he said. "We're looking for systems integrators and value-added resellers who sell to the government." The company will start shipping its products early next year. Prices start at $189 per seat for the WorkStation version and $250 per seat for the Enterprise version.
Eric Hemmendinger, senior analyst at Aberdeen Group, said the First Access products stands out because they are oriented toward user behavior. "The key is this solution is designed to fit in with users' habits," he said. "IS decision-makers can use First Access offerings to deploy authentication solutions that don't require users to change their work habits."
Larry Dietz, director of information security and legal strategies at Current Analysis, said the products should appeal to government agencies that have a higher security requirement than most. "It's most applicable where sensitive data or classified data is the mainstay, or where you need to compartmentalize the data," he said.