SDR NEWS BRIEFS
April 2, 2004 1:01pm
Security Director's Report
* What are security users buying? Smart cards, access control, and integration. Some 39% of the Fortune 500 will use smart cards to enhance security by 2006, according to the U.S. Corporate Security Systems Study, conducted by consulting firm Frost & Sullivan (F&S, New York City; 877-463-7678; www.frost.com). The study found that 30% of Fortune 500 companies are currently using or testing smart cards within their security systems, and 63% of Fortune 500 executives have/are investigating smart cards for network security. Access control is also on company shopping lists, according to a new market research by the Freedonia Group (Cleveland; 440-684-9600; www.freedoniagroup.com). The firm predicts 10% annual growth in the market through 2007 with biometrics the fastest growing market segment. Finally, new F&S analysis of the U.S. Government end-user security markets finds that the $8-billion industry could double by 2009. The hottest trend? Integration. "Customers are looking for systems that can incorporate diverse applications such as security, time and attendance, and building controls," according to Deepak Shetty, a Frost and Sullivan analyst.
l... but some companies appear to be "done" with security-for now. A recent survey of 270 companies-with an average size of roughly 350 employees-finds that companies have been much busier implementing security in the past three years than they plan to be in next 12 months ("Workplace Violence Survey," January 2004, Society for Human Resource Management, Alexandria, Va.; 800-283-SsHRM; www.shrm.org).
Implemented Between Plan to Implement in
Security Measure Jan. 2000 to June 2003 Next 12 Months
Limited public access to all or portions of the building 44% 2%
Added a check-in or sign-in desk to screen visitors 40 1
Increased lighting on the grounds and/or parking lot 32 1
Installation of access card entry systems 29 4
Issued ID cards to employees and visitors 29 3
Video surveillance inside the building 23 1
Video surveillance outside the building 20 3
None-have not implemented any measure since 1/1/2000 16 -
Security guards patrol grounds and/or parking lot 14 1
Placed security guards inside the building 13 0
Escort service to/from parking lot for employees after hours 7 0
Placed metal detectors at building entry points 4 0
Cabs for employees working late 2 0
* Many companies are slow to revoke network access. Nearly 50% of companies take longer than two days-some up to two weeks-to remove network and voice mail privileges for terminated employees, according to a study by Stanford University and the Hong Kong University of Science and Technology ("Exploring Secure Identity Management in Global Enterprises," 2003). The study also found that companies that implement secure identity management systems not only cut risk-they save money. For very large companies, secure identity management can drive down help desk costs by more than $1 million annually.
* Security technology R&D yielding interesting results. SDR research into emerging security technology finds these interesting advances coming your way:
- "Vein scanner" biometrics systems that use the pattern of veins on the back of the hand for identification. It promises to be more reliable and tougher to trick than fingerprint scanners.
-A new "digital watermark"-used to authenticate electronic documents-that is effective in documents with black text on a white background. Watermarks are easy in a color or gray-scale images but traditional methods produce a visible irregularity in black and white documents. However, researchers are perfecting software-which should soon be part of commercial document-verification systems-that subtly alters pixels in small blocks along the edges of letters, where the changes are virtually unnoticeable.
-Better, more affordable generation of encrypted cell phones. "For [companies] interested in encrypted mobile devices, there is hope on the horizon in the form of voice encryption software being developed for Pocket PC-based terminals," according to a January report from The LUBRINCO Group (www.lubrinco.com) and Financial Examinations and Evaluations, Inc. (www.feeinc.com). If the technology reaches its commercial potential, companies should consider shopping soon for more secure cell phones for employees in sensitive executive positions.
* CCTV cuts crime. In Britain there is one camera for every 14 or so citizens, and 500 towns now employ camera systems. Whether such systems cut crime is still the subject of debate, but one recent study, published in the scientific journal Injury Prevention, suggests they do ("Effect of urban closed circuit television on assault injury and violence detection," September 2003; p. 312-316). Following the introduction of CCTV surveillance in five study towns, researchers tracked a 3% decrease in assault-related visits to emergency rooms and an 11% increase in police detection of violence. During the same period in five control towns without the CCTV intervention, researchers noted that assault-related emergency room visits had increased 11% and that police detection of violence had increased only 5%. The researchers concluded: "CCTV surveillance was associated with increased police detection of violence and reductions in injury or severity of injury."
l... but image quality can hamper its effectiveness. The FBI complains that the poor video images that banks and other businesses provide to them often hinder their ability to capture criminals. As a result, it's sponsoring the Scientific Working Group on Imaging Technologies (International Association for Identification, Mendota Heights, Minn.; 651-681-8566; www.theiai.org/swgit) to develop guidelines that commercial end-users of CCTV can follow to improve image quality. We expect that plaintiff's attorneys-because the guidelines will have the FBI's stamp of approval-might evoke them in future lawsuits, which means businesses will have to look carefully at complying with the guideline's recommendations or else have a compelling reason for doing things differently. As of now, it appears the guidelines will be calling for less compression of video images, positioning of cameras to obtain more facial close-ups, and encourage the use of a nonproprietary format for digital files to facilitate the sharing of images with law enforcement. No due date has been set for the release of the new guidelines, but we'll alert you when they are available.
* DHS unveils National Cyber Alert System. The Department of Homeland Security has announced a new system designed to relay threats and timely information on cyber security issues. Individuals and businesses can sign up online (www.us-cert.gov) to receive bi-weekly tips, a bi-weekly bulletin summarizing security issues, and cyber security alerts regarding immediate security threats.
Copyright © 2004 Federal Information & News Dispatch, Inc.
hoovers.com
steve |
