These are the advantages and possible problems in using the following security technologies:
1. BIOMETRIC
The advantages of biometrics are the person is the key so you need never remember your card or key again. Each body part is unique and Biometrics uses your unique identity to enable a purchase activate something or unlock something. Biometrics encompasses Voice, Vein, Eye, Fingerprint, Facial recognition and more.
These are also the advantages of Biometrics:
a. Increase security - Provide a convenient and low-cost additional tier of security.
b. Reduce fraud by employing hard-to-forge technologies and materials. For e.g.Minimise the opportunity for ID fraud, buddy punching.
c. Eliminate problems caused by lost IDs or forgotten passwords by using physiological attributes. For e.g. Preventunauthorised use of lost, stolen or "borrowed" ID cards.
d. Reduce password administration costs.
e. Replace hard-to-remember passwords which may be shared or observed.
f. Integrate a wide range of biometric solutions and technologies, customer applications and databases into a robust and scalable control solution for facility and network access
g. Make it possible, automatically, to know WHO did WHAT, WHERE and WHEN!
h. Offer significant cost savings or increasing ROI in areas such as Loss Prevention or Time & Attendance.
i. Unequivocally link an individual to a transaction or event.
The disadvantages are numerous however: criminals have been known to remove fingers to open biometric locks, Biometrics requires a lot of data to be kept on a person, these systems are not always reliable as human beings change over time if you are ill; eyes puffy, voice hoarse or your fingers are rough from laboring for example it may be more difficult for the machinery to identify you accurately. Every time you use Biometrics you are being tracked by a database bringing up a range of privacy issues. The final disadvantage is the expense and technical complexity of such systems.
There are some possible problems in using it. Like the following:
a. The finger prints of those people working in Chemical industries are often affected. Therefore these companies should not use the finger print mode of authentication.
b. It is found that with age, the voice of a person differs. Also when the person has flu or throat infection the voice changes or if there thereare too much noise in the environment this method maynot authenticate correctly. Therefore this method of verification is not workable all the time
c. For people affected with diabetes, the eyes get affected resulting in differences.
d. Biometrics is an expensive security solution.
2. ENCRYPTION
There are many reasons why you should use encryption programs to keep your personal and confidential information protected and secure either when you left your computer unattended for a long period of time or when you want to share your computer with someone else. You may also want to encrypt your data to prevent hackers from accessing your sensitive information when you are connected to the internet.
In general, encryption programs and other types of data security software offer security against many viruses, worms, spyware, hackers, crackers and several other programs which are developed to creep into your Operating System and destroy the hard drive without your knowledge.
However, encryption programs are primarily concerned to protect your data from getting accessed by unauthorized users like hackers and crackers. Many encryption programs will also help you in preventing identity theft which affects more than nine million Americans on yearly basis.
Encryption programs will also help you in preventing hackers and crackers in their tracks and let you keep your privacy intact while you are online; this is an additional benefit of using an encryption program. Furthermore, some encryption programs will also allow you to keep your encrypted data in your removable devices so that you can access it anywhere. This is perfect for those people who are always on the go.
Some of the other benefits of using encryption programs are listed below:
a. Complete security of your encrypted files.
b. Encrypted files cannot be accessed, read, modified and edited without correct password.
c. Encrypted files and folders are delete proof.
d. Verification is required to access encrypted data.
e. Encryption program also offers the feature of file shredding which let you shred your data after moving them to your encrypted locker. This feature enhances the security of your encrypted data.
f. Encrypted locker cannot be deleted without the correct password.
g. You can send encrypted data over email and can keep them in your portable drive.
h. You can even keep a safe online backup of your encrypted files without any fear of data lost or theft.
i. You can also burn your encrypted data on your CDs and DVDs.
j. Some encryption programs also offer Virtual Keyboard feature which prevents any possible key logging attempt.
Although the developments in the field of Information Technology has revolutionized the way we conduct our business or look for a job but it also poses a risk of identity theft and privacy breach. So, you should always use an encryption program to keep your valuable and confidential data safe and secure.
In using encryption, there are also some advantages. Like in the list below:
a. If you forget your passphrase and/or keyfile then there is almost no chance of recovering your data.
b. Some forms of encryption only offer nominal protection and can be broken easily with the right program e.g an older ZIP archive or Word Document.
c. Some encryption programs are too complicated for the everyday user and they may end up using them incorrectly. This could lead to securing data which they did not wish to encrypt or failing to encode data which they did wish to protect.
d. The very existence of encryption programs or encrypted files will attract suspicion as to what it is you are trying to protect whereas a non-encrypted system would not attract the same level of interest.
e. With reference to the above point, in certain countries such as the UK, Police can use legislation to compel you to reveal passwords to encrypted data. You could face jail time if you failed to comply.
f. Certain types of encryption software are banned in some countries. For example, US versions of the program PGP cannot be exported outside the country.
g. As Encryption protects your personal data e.g bank details, love letters etc. it also protects drug dealers who make deals from having their messages intercepted, terrorists planning attacks and paedophiles peddling child pornography.
3. ACCESS CONTROL SOFTWARE
It is a system that enables an authority to control access to areas and resources in a given physical facility or computer-based information system. An access control system, within the field of physical security, is generally seen as the second layer in the security of a physical structure.
Access control is, in reality, an everyday phenomenon. A lock on a car door is essentially a form of access control. A PIN on an ATM system at a bank is another means of access control. The possession of access control is of prime importance when persons seek to secure important, confidential, or sensitive information and equipment.
Access control systems offer several potential benefits unavailable with a traditional lock and key system. Among the most prominent of those benefits:
a. Convenience: First and foremost, an access control system eliminates the need for multiple keys for you and your employees. Instead, you work with your control device to grant the desired levels of room/area access to each of your employees. Neither you nor your employees need to search your key ring for a different key each time you wish to access a different part of the facility. Instead, the personal identifier will grant access to any part of your facility for which that employee is cleared, and adding or removing users is easier than issuing or retrieving traditional keys.
- Security: This advantage encapsulates both intruders and your employees. There are a number of ways an intruder or employee may surmount the difficulties of a traditional lock, but those concerns are diminished if you’re using an access control system. You choose the access requirements for a particular area, and if those requirements aren’t met then access simply isn’t granted. Additionally, depending upon the power of your access control system, you’ll have the ability to monitor different areas of your facility remotely through computers, security cameras, or both.
- Employee Monitoring: There are many varieties of access control system which have the added benefit of enhanced employee monitoring. If you choose an access control system that works with your employee software, it is possible to gain a wide range of information about the work habits and dependability of your employees. It is possible for an access control system to provide you with a wealth of information about who accessed a particular area within your facility and when that employee accessed that area. As a result it is easier to track employee tardiness or early absence, and the possibility of internal theft is also decreased.
Disadvantages of Access Control Software using:
a. Serial controllers
a. RS-485 does not allow Star-type wiring unless splitters are used
b. RS-485 is not well suited for transferring large amounts of data (i.e. configuration and users). The highest possible throughput is 115.2 kbit/s, but in most system it is downgraded to 56.2 kbit/s or less to increase reliability.
c. RS-485 does not allow host PC to communicate with several controllers connected to the same port simultaneously. Therefore in large systems transfers of configuration and users to controllers may take a very long time and interfere with normal operations.
d. Controllers cannot initiate communication in case of an alarm. The host PC acts as a master on the RS-485 communication line and controllers have to wait till they are polled.
e. Special serial switches are required in order to build a redundant host PC setup.
f. Separate RS-485 lines have to be installed instead of using an already existing network infrastructure.
g. Cable that meets RS-485 standards is significantly more expensive than the regular Category 5 UTP network cable.
h. Operation of the system is highly dependent on the host PC. In case the host PC fails, events from controllers are not retrieved and functions that required interaction between controllers (i.e. anti-passback) stop working.
b. Serial main and sub-controllers
a. Operation of the system is highly dependent on main controllers. In case one of the main controllers fails, events from its sub-controllers are not retrieved and functions that require interaction between sub controllers (i.e. anti-passback) stop working.
b. Some models of sub-controllers (usually lower cost) have no memory and processing power to make access decisions independently. If the main controller fails, sub-controllers change to degraded mode in which doors are either completely locked or unlocked and no events are recorded. Such sub-controllers should be avoided or used only in areas that do not require high security.
c. Main controllers tend to be expensive, therefore such topology is not very well suited for systems with multiple remote locations that have only a few doors.
d. All other RS-485-related disadvantages listed in the first paragraph apply.
c. Serial controllers with terminal servers
a. Increases complexity of the system.
b. Creates additional work for installers: usually terminal servers have to be configured independently, not through the interface of the access control software.
c. Serial communication link between the controller and the terminal server acts as a bottleneck: even though the data between the host PC and the terminal server travels at the 10/100/1000Mbit/s network speed it then slows down to the serial speed of 112.5 kbit/s or less. There are also additional delays introduced in the process of conversion between serial and network data.
d. IP controllers
a. The system becomes susceptible to network related problems, such as delays in case of heavy traffic and network equipment failures.
b. Access controllers and workstations may become accessible to hackers if the network of the organization is not well protected. This threat may be eliminated by physically separating the access control network from the network of the organization. Also it should be noted that most IP controllers utilize either Linux platform or proprietary operating systems, which makes them more difficult to hack. Industry standard data encryption is also used.
c. Maximum distance from a hub or a switch to the controller (if using a copper cable) is 100 meters (330 ft).
d. Operation of the system is dependent on the host PC. In case the host PC fails, events from controllers are not retrieved and functions that required interaction between controllers (i.e. anti-passback) stop working. Some controllers, however, have peer-to-peer communication option in order to reduce dependency on the host PC.
e. IP Readers
a. In order to be used in high-security areas IP readers require special input/output modules to eliminate the possibility of intrusion by accessing lock and/or exit button wiring. Not all IP reader manufacturers have such modules available.
b. Being more sophisticated than basic readers IP readers are also more expensive and sensitive, therefore they should not be installed outdoors in areas with harsh weather conditions or high possibility of vandalism, unless specifically designed for exterior installation. A few manufacturers make such models.
c. In the past, the variety of IP readers in terms of identification technologies and read range was much lower than that of the basic readers. However, with the advent of long range multi-technology readers such as those manufactured by Nedap, Sirit, and a few others, this is no longer so.
NOTE: The advantages and disadvantages of IP controllers apply to the IP readers as well.
4. FIREWALLS
It is a device or set of devices designed to permit or deny network transmissions based upon a set of rules and is frequently used to protect networks from unauthorized access while permitting legitimate communications to pass.
Many personal computer operating systems include software-based firewalls to protect against threats from the public Internet. Many routers that pass data between networks contain firewall components and, conversely, many firewalls can perform basic routing functions.
Advantages of a firewall
Firewalls protect private local area networks from hostile intrusion from the Internet. Consequently, many LANs are now connected to the Internet where Internet connectivity would otherwise have been too great a risk.
Firewalls allow network administrators to offer access to specific types of Internet services to selected LAN users. This selectivity is an essential part of any information management program, and involves not only protecting private information assets, but also knowing who has access to what. Privileges can be granted according to job description and need rather than on an all-or-nothing basis.
Firewall related problems
Firewalls introduce problems of their own. Information security involves constraints, and users don't like this. It reminds them that Bad Things can and do happen. Firewalls restrict access to certain services. The vendors of information technology are constantly telling us "anything, anywhere, anytime", and we believe them naively. Of course they forget to tell us we need to log in and out, to memorize our 27 different passwords, not to write them down on a sticky note on our computer screen and so on.
Firewalls can also constitute a traffic bottleneck. They concentrate security in one spot, aggravating the single point of failure phenomenon. The alternatives however are either no Internet access, or no security, neither of which are acceptable in most organizations.