- Email: [email protected]
Voice, finger and retina scans: Can biometrics secure your shop?
Computers and Security, Vol. 7, No. 3
establish disaster recovery plans are two of the factors increasing corporate awareness of the importance of security professionals. Data center calamities coupled with top ‘managers being held personally liable for fraud perpetrated in their companies are also adding to management’s awareness of both disaster recovery and information security. Finance and government still top the list of institutions employing data security professionals and telecommunications firms are also becoming major markets for data security positions. Computenuorld, February 15, 1988,~. 113. Security Systems Rescue Data from Snoopers, User Blunders.
The article lists five rules for data security: (1) Delete programgenerated backups of sensitive data; (2) Use DOS’s Attrib command to prevent accidental deletions or file changes; (3) Special utilities are required to physically remove data from the disk; (4) Hardware encryption boards automatically encrypt and decrypt files each time they are called from or stored to a disk; (5) Some programmable encryption chips are designed to become inoperable if they are tampered with. PC Week, February 16, 1988, p. 40. Fault Tolerance Increasingly Important for LANS, Edward
Liebing. Although most organizations look to hardware for fault tolerance, incorporating fault tolerance at the operating system level can be an inexpensive solution. Such software should make two copies of file allocation tables and directory entries and put them on different risk cylinders. It should also be able to run internal
checks and perform periodic selftests on the disk drives. Transactiontracking software assures that either all disk updates within a transaction are written to disk or the transaction is aborted. Other areas considered in the article are a consistent power supply, solutions to hard disk failure, and the calculation of downtime costs to see the relationship between the faulttolerant solution and the downtime cost. Government Computer News, February 19, 1988, pp. 31, 42. Voice, Finger and Retina Scans: Can Biometrics Secure Your Shop?,]unet Fiderio. Biometric
security products authenticate a person’s identity by digitally measuring a physical or behavioral characteristic. Six biometric technologies are currently available: retina scans; thumbprint or fingerprint identification systems; hand geometry systems that measure and compare finger length, skin translucency, hand thickness or palm shape; voice verification devices; signature verification devices; keystroke dynamics that identify by typing pattern and rhythms. All compare the stored templates with fresh patterns or scans to allow or deny access. Other than cost, a major problem for sales of biometric devices is that products are still evolving. Another problem is user annoyance. Computerworld, February 15, 1988, p. Sl#
Computer Crime: MIS Confronts a Cancer, Jeanne Brokaw
Zida. Computer crime exacts a heavy financial toll. Hard numbers for the cost are d&cult to come by; many corporations don’t even report the abuses. For both federal and private industry, the biggest threat comes not from spies or hackers but from trusted insiders. Security is a multitiered pyramid with software and data encryption products at the top and plain common sense at the bottom. Several software security packages address authentication and auditing; fingerprint scanning devices can aid in authentication. The most secure way to transmit data is to encrypt it. The NSA requires encryption devices on all transmission gear sold to federal agencies. Information WEEK, February 22, 1988, pp. 24-25. Structuring the Data Security Program, Robert P. Campbell.
Without the cooperative efforts of senior management, the information systems department, support functions, and users, a corporate data security program is bound to falter. Yet finding the right organizational structure to support this mix is no easy task. This article offers guidance on how to structure the data security program so that the organization as a whole can intelligently respond to security threats. Auerbach Data Security Management, January-February 1988, 82-01-35.
Planning, ConsultingBoostBiometric Bill, Barbara Sehr. This
VMSECURE: Enhancing VM Security and Control, Steven F.
article discusses the high cost ofbiometric security and the training required. It also includes a glossary of biometric security terms. Computerworld, February 15, 1988, pp. 82-83.
Bland@. VM, the popular IBM operating system, provides a baseline measure of security and control features. Organizations often find it necessary to supplement these standard facilities and to customize
327
establish disaster recovery plans are two of the factors increasing corporate awareness of the importance of security professionals. Data center calamities coupled with top ‘managers being held personally liable for fraud perpetrated in their companies are also adding to management’s awareness of both disaster recovery and information security. Finance and government still top the list of institutions employing data security professionals and telecommunications firms are also becoming major markets for data security positions. Computenuorld, February 15, 1988,~. 113. Security Systems Rescue Data from Snoopers, User Blunders.
The article lists five rules for data security: (1) Delete programgenerated backups of sensitive data; (2) Use DOS’s Attrib command to prevent accidental deletions or file changes; (3) Special utilities are required to physically remove data from the disk; (4) Hardware encryption boards automatically encrypt and decrypt files each time they are called from or stored to a disk; (5) Some programmable encryption chips are designed to become inoperable if they are tampered with. PC Week, February 16, 1988, p. 40. Fault Tolerance Increasingly Important for LANS, Edward
Liebing. Although most organizations look to hardware for fault tolerance, incorporating fault tolerance at the operating system level can be an inexpensive solution. Such software should make two copies of file allocation tables and directory entries and put them on different risk cylinders. It should also be able to run internal
checks and perform periodic selftests on the disk drives. Transactiontracking software assures that either all disk updates within a transaction are written to disk or the transaction is aborted. Other areas considered in the article are a consistent power supply, solutions to hard disk failure, and the calculation of downtime costs to see the relationship between the faulttolerant solution and the downtime cost. Government Computer News, February 19, 1988, pp. 31, 42. Voice, Finger and Retina Scans: Can Biometrics Secure Your Shop?,]unet Fiderio. Biometric
security products authenticate a person’s identity by digitally measuring a physical or behavioral characteristic. Six biometric technologies are currently available: retina scans; thumbprint or fingerprint identification systems; hand geometry systems that measure and compare finger length, skin translucency, hand thickness or palm shape; voice verification devices; signature verification devices; keystroke dynamics that identify by typing pattern and rhythms. All compare the stored templates with fresh patterns or scans to allow or deny access. Other than cost, a major problem for sales of biometric devices is that products are still evolving. Another problem is user annoyance. Computerworld, February 15, 1988, p. Sl#
Computer Crime: MIS Confronts a Cancer, Jeanne Brokaw
Zida. Computer crime exacts a heavy financial toll. Hard numbers for the cost are d&cult to come by; many corporations don’t even report the abuses. For both federal and private industry, the biggest threat comes not from spies or hackers but from trusted insiders. Security is a multitiered pyramid with software and data encryption products at the top and plain common sense at the bottom. Several software security packages address authentication and auditing; fingerprint scanning devices can aid in authentication. The most secure way to transmit data is to encrypt it. The NSA requires encryption devices on all transmission gear sold to federal agencies. Information WEEK, February 22, 1988, pp. 24-25. Structuring the Data Security Program, Robert P. Campbell.
Without the cooperative efforts of senior management, the information systems department, support functions, and users, a corporate data security program is bound to falter. Yet finding the right organizational structure to support this mix is no easy task. This article offers guidance on how to structure the data security program so that the organization as a whole can intelligently respond to security threats. Auerbach Data Security Management, January-February 1988, 82-01-35.
Planning, ConsultingBoostBiometric Bill, Barbara Sehr. This
VMSECURE: Enhancing VM Security and Control, Steven F.
article discusses the high cost ofbiometric security and the training required. It also includes a glossary of biometric security terms. Computerworld, February 15, 1988, pp. 82-83.
Bland@. VM, the popular IBM operating system, provides a baseline measure of security and control features. Organizations often find it necessary to supplement these standard facilities and to customize
327