February 2010


This week, the HID Global logical access control (LACS) team is demonstrating at HIMSS in Atlanta, GA and RSA in San Francisco, CA,. These shows are arguably the top shows in North America for Healthcare IT and IT Security, respectively.

I'll be attending both events and I am excited to discuss the future of access control and strong authentication with other leaders within the industry.

At HIMSS, I anticipate significant buzz about the HIGH TECH Act and the deadline which just recently passed. The Healthcare provider market typically requires systems to be both secure and convenient. Yet traditionally, security and convenience have sat at opposite sides of that spectrum. While it's relatively simple to create a secure system, if it's not user friendly, clinicians and physicians will find a way to bypass it. Interestingly enough, HID has always been positioned at the intersection of security and convenience.

HID has made it easy for companies and healthcare facilities to secure their buildings and has made it convenient for the end-user to unlock doors. As more and more HID badges are used to access PCs and networks, I'm curious to understand the drivers behind this move. Are end-users using our products because HID makes it easy to access their systems? Or is the main driver the fact that the employer can enforce a secure two-factor authentication for PC and network access? I'll be asking this question at both HIMSS and RSA during the week, and while I believe those attending HIMSS will say that convenience is the primary driver, I expect to get a different answer at RSA, where IT security will be discussed ad nauseam.

I’d like your input: What do you think is the primary driver for using an HID badge for both network authentication and physical access? Please respond to our quick poll below.

<a href="http://www.hidglobal.cn/%3Ca%20href%3D"http://answers.polldaddy.com/poll/2764718/">http://answers.polldaddy.com/poll/2764718/">What do you think is the primary driver for using an HID badge for both network authentication and physical access.</a><span style="font-size:9px;"><a href="http://www.hidglobal.cn/%3Ca%20href%3D"http://answers.polldaddy.com">http://answers.polldaddy.com">trends</a></span>


To see how others responded, click view results.

If you're attending either show, be sure to swing by our booth and give us your opinion. I hope to see you there.

HIMSS - HID Global Booth #9115
RSA - HID Global Booth #2317


Any Olympics Games, like the current Winter Olympics in Canada or the 2012 Olympic and Paralympic Games soon to take place in London undoubtedly pose a huge challenge for organisers in terms of security.

During the Games, organizers will have to safeguard the personal security of 14,000 athletes, 600 coaches and officials, and 20,000 media representatives. On top of this, they’ll need to make sure that everyone gets speedy and convenient access to the relevant events.

An organisational challenge on this scale needs robust and reliable IT security infrastructure. Smart card technology has already been successfully used at the Beijing Olympics in 2008, with many believing that it will form the basis of the first cashless and paperless large-scale Olympics. So how would this work in practice?

One option is that spectators would buy their tickets online, then take them to a kiosk at the venue where they would be identified based on at least two factors; for example, facial recognition and fingerprinting. The smart cards could carry biometric and iris recognition information.

This data would be incorporated into an integrated contactless payment card, which the spectator could use at the kiosks to purchase transport tokens and to fund the card for purchases. Essentially, this means that no one could use another person’s card and the absence of cash should cut down on time spent queuing for events.

The more we rely on technology, the greater the potential for it to be misused to disrupt the smooth running of the Olympics. Paradoxically, the answer to these challenges lies in the technology itself: smart cards have the flexibility to deal with the wide array of information security and access control risks that could arise at the Olympics. They are also presenting organizers with a valuable chance to enhance the visitor experience for spectators, manage cash flow and monitor security and identification issues.


Around the world, businesses are facing more security threats than ever before.

Breaches of confidentiality, crippling cyber attacks and data theft by their own employees are among the issues that can seriously damage a firm’s reputation, eroding the confidence of investors and the market.

One of the best ways to safeguard against threats like these is to protect physical and logical access to high-value resources and sensitive data with an identity and access management (IAM) solution. IAM is fast securing its position as a cornerstone of information security, with a growing number of organisations recognising its potential in terms of cost savings, better service levels, tighter IT governance and improved regulatory compliance.

At the present time, the take-up of IAM solutions remains relatively low among the business community, with cost cited by many companies as the main barrier to adoption. The ravages of the recession have blown a sizeable hole in the IT budgets of many organisations, with IT security sometimes dropping down their list of priorities. But there is a danger here: when a company slashes its IT budget, it can often leave itself dangerously exposed to security and financial risks.

In the end, it all comes down priorities: more organisations are weighing up the costs of IAM solutions against the potential costs of reputational damage, security breaches and non-compliance and realising that IAM can offer them outstanding value by saving time and money while protecting their most valuable assets.


Identity and access management (IAM) has long been a prime concern for the UK’s police forces.

There are thousands of officers needing fast and secure access to data and facilities. The National Policing Improvement Agency (NPIA) has launched a review of IAM processes used within the police force that is designed to bring together the multiple systems currently used by the force in the best way possible.

As a core part of its review, the NPIA wants to equip all police officers and civilian staff in the UK with a single-user multi-application smart card that combines logical and physical security. With police increasingly accessing confidential data via mobile devices, in-car units and station-based PCs, a solution that allows access to systems from any location will also cut travels costs and reduce time spent on administrative tasks. What’s more, it would eliminate the IT and administrative costs incurred each time an officer forgets a username or password.

And with police facing constant demands to be a more visible presence on our streets, a single smart card will also help minimise downtime spent on paperwork, freeing up officers for frontline policing.

The cost of implementing and deploying a new, nationwide IAM system is understandably an important consideration, as with all areas of the civil service, where the taxpayer has a particular interest in how their money is spent. However, the potential benefits are compelling, for the taxpayer as well as the police.

At a time when the threats to our security are set to proliferate, smart card technology will be positioned at the vanguard of protecting officers and civilian staff, as well as safeguarding sensitive public data. And investing in an IT solution that not only saves public money but protects the public from crime is surely an investment worth making.