An extra touch of security

In simpler times, death and taxes may have been the only certainties in life, but today's information technology managers might add computer security threats to the list.

With security issues here to stay, one of the current challenges facing vendors is how to provide effective security while limiting intrusiveness and maintaining ease of use.

Biometrics — identifying users by their physical or behavioral characteristics — has emerged as a viable security option for both computer and physical access. When choosing a biometric authentication method, IT managers must weigh four factors: accuracy, cost, ease of use and perceived intrusiveness. Some high-security environments might warrant a system that is costly and somewhat cumbersome, but in other cases, an agency might want to add protection without installing extra hardware or spending a lot of money.

Net Nanny Software International Inc. has developed a unique biometric product perfectly suited to the latter situation. BioPassword LogOn for Windows NT is client/server software that blends seamlessly with Microsoft Corp. Windows NT networks, requires no extra hardware and is quite affordable.

BioPassword LogOn uses keystroke dynamics — a measurement of the rhythm and speed of a person's typing — to confirm a user's identity. It uses behavioral biometric data rather than physiological biometric data, which is a reading of static traits such as an iris or fingerprint patterns.

Behavioral biometrics are generally not as accurate as physiological biometrics, but they are still a viable means of security, especially when combined with other methods.

Installing BioPassword Log-On couldn't be easier. Both the server and client modules are installed from the same CD-ROM and even use the same wizard-guided setup file. We completed the installation on our server and one client in less than 10 minutes.

To enroll, a user types his or her user name and password 10 to 20 times. The system default is 15 times, which is what we used.

After completing the one-time enrollment process, a user simply logs in as usual. Behind the scenes, BioPassword LogOn compares the typing rhythm to the user's stored biometric template. If the templates match, access is granted.

BioPassword LogOn security levels can be individually set for each registered user. The default is level three, which we found to work well. If the level is set too low, the system accepts anyone, and if it's set too high, it can reject legitimate users.

Net Nanny recommends eight- character user names and passwords for optimal security, and our testing proved this to be sound advice. In one case, we were able to foil the system even with a seven- character user name and password, with the user set to security level five. However, keep in mind that an imposter would first have to know the user's password for this to happen.

Using the BioPassword Utility on the server, admin-istrators can disable the program on individual work-stations when a user is unable to type normally for any reason, such as a hand injury. Users must still log in with the correct user name and password so the workstation remains protected.

BioPassword LogOn is an effective extra layer of network security. Its standout qualities are superb convenience and low cost. If administrators follow the guidelines for character length and security level, false acceptance should not be a concern. Also, the product is not designed to be the only, security on a network — all systems are still password-protected. With BioPassword, systems are even harder to crack because it would take more than simply stealing a password. Another person's keystroke dynamics are virtually impossible to imitate.

System requirements:

Network running Windows NT 4.0, Service Pack 5 or higher. Server: 5.1M of disk space. Client: 0.8M of disk space. All systems: at least 133 MHz Pentium II processor and 64M of RAM.

REPORT CARD

BioPassword LogOn for Windows NT

Grade: A-

Net Nanny Software International Inc.
(425) 688-3008
www.biopassword.com

Price and availability: The base price for BioPassword LogOn is $4,995, which includes 10 user licenses. Additional licenses cost: 100 seats, $3,995; 500 seats, $15,975; 1,000 seats, $24,950; and 4,000 seats, $69,860.

Remarks: BioPassword LogOn is an effective and convenient additional layer of network security. Installation is a snap, and users won't even know it's there.


Featured

  • Telecommunications
    Stock photo ID: 658810513 By asharkyu

    GSA extends EIS deadline to 2023

    Agencies are getting up to three more years on existing telecom contracts before having to shift to the $50 billion Enterprise Infrastructure Solutions vehicle.

  • Workforce
    Shutterstock image ID: 569172169 By Zenzen

    OMB looks to retrain feds to fill cyber needs

    The federal government is taking steps to fill high-demand, skills-gap positions in tech by retraining employees already working within agencies without a cyber or IT background.

  • Acquisition
    GSA Headquarters (Photo by Rena Schild/Shutterstock)

    GSA to consolidate multiple award schedules

    The General Services Administration plans to consolidate dozens of its buying schedules across product areas including IT and services to reduce duplication.

Stay Connected

FCW Update

Sign up for our newsletter.

I agree to this site's Privacy Policy.