The changing market for converged security products
16 November, 2009
category: Contactless, Digital ID, Library, NFC
By Scott Howell, Director of world wide marketing, Hirsch Electronics
A number of critical market trends are aligning in an unprecedented manner leading to a market disruption that could dramatically change the logical and physical security arenas.
These game-changing trends include many factors.
Growing need for security
Market demand continues to grow for more effective solutions to secure buildings, information and people to address increasing identity theft, financial data fraud, litigation, attacks by disgruntled workers, network attacks, regulatory compliance pressures, geopolitical threats and more. Organizations are increasingly seeking to establish a significant level of trust for identities/people, information and devices.
Technology maturity
The technology is also advancing and maturing. After decades of sputtering adoption they are seeing dramatic market growth. The market is now embracing these enabling technologies:
Smart cards:
Smart cards and other tokens such as USB flash memory drives containing smart chips are becoming the de facto standard for portability of secure digital certificates.
Public key infrastructure (PKI):
Huge certificate authorities (CAs) have been stood up to utilize digital identities. And massive interconnect trust networks have been established for shared trust using PKI. Digital certificates are almost universally recognized as the best method to ensure effective identity verification and security.
Biometrics:
Advancements in processing power and algorithms have enabled most biometric technologies to realize 99% or greater accuracy. Biometric is now recognized as the best way to ensure the card holder is the card owner.
Physical security products:
Physical security products are increasingly IP-enabled, facilitating new, advanced applications utilizing interoperability with other network devices, applications and databases.
Contactless technology
Data transmission via radio waves has proven itself secure and highly convenient for a wide range of applications such as access, identity and monetary transactions (e-payments). Even emerging technologies such as near field communication (NFC) are seeing rapid transition from the successful pilot to wide-scale commercialization.
Proven implementations
There is a proliferation of countries utilizing digital certificates in a variety of applications, from national IDs to e-health. These successful implementations have helped establish infrastructure, use cases, best practices and have driven down costs.
Mandates
Governments and industry groups are stepping in and mandating that sophisticated systems for identity and security management be applied for a wide range of applications including electronic passports, citizen identification cards, banking, voting and welfare services.
Vulnerabilities of digital assets
Advanvced ID technologies are also being used to protect digital assets. Computer log-on is most commonly secured by a single authentication factor–the password. Cybersecurity experts repeatedly point to the extreme risk inherent in password-only access and proof stories are starting to gain traction. Just as PC manufacturers are starting to offer hard drive encryption as standard, similarly smart card log-on, encrypted e-mail and digitally-signed documents will soon become the norm.
Convergence
Several technologies and organizational factors are converging:
Convergence of physical security and IT:
Physical security products have moved from dedicated networks to IT’s networks and from myriad protocols to one protocol–IP. This not only eliminates a physical network of wires and lowers costs, but also provides a common infrastructure and communication protocol to facility interoperability.
Convergence of physical and logical security:
Organizations increasingly demand a single card to access both building and computers. This functionality enables companies to utilize a person’s physical access as a policy for network access, defeating external hackers in the process.
Convergence of credentials:
Organizations and countries continue to implement multipurpose cards with credentials that can be used for multiple applications, such as, facility access, computer log-on, payment, identification (voting, welfare services, etc.) and health records.
Convergence of responsibilities and needs:
Organizations are changing the way they evaluate, buy and utilize identity and security solutions. Due to technology convergence and the critical nature of these deployments, the IT department, physical security team, facility management, and executives must all work together to evaluate and install a security solution. Security objectives must now align with and support the overall organizational objectives.
Convergence of knowledge:
Identity, credentialing and access management is evolving into a formal discipline with established best practices.
Lower costs, improved services
Organizations are realizing lower costs and better services through digital identity systems. The health care industry is one sector that is aggressively applying security and identity technologies to safeguard patient health records, improve patient care, and streamline claims management.
Success and return on investment (ROI)
There is an increasing recognition that effective security can lead to organizational success. The effects of a single breach–costs of remediation, loss of customers, litigation, penalties and reputational costs–can put a company out of business. Therefore, organizations are increasingly seeking to establish a significant level of trust for identities/people, information and devices. Through trust and security, companies can achieve sustained, profitable growth and continuity by utilizing effective security and identity management systems to mitigate risks, reduce potential liabilities, vet identities, enforce policies, prevent negative incidents, avoid and defend against lawsuits, reduce insurance premiums and claims, comply with regulations, pass audits, and ensure privacy of personal information.
As these trends indicate, the security and identity market is truly in the midst of dramatic change.