HID Global's Dan DeBlasio showcases the naviGO system for two-factor computer access.
Photo credit: Photo by SecurityInfoWatch.com
SCM Microsystems smart card reader options on display at the Hirsch Electronics booth
Photo credit: Photo by SecurityInfoWatch.com
Las Vegas, ISC West 2009 -- During today's show, I had the chance to visit with two longtime companies in access control technologies -- Hirsch/SCM and HID Global, and I was impressed how both companies are really prepared for the convergence of access control and identity management.
Over at HID Global, the story of the show is really about the "HID on the desktop" initiative. The quick run-down of this is that HID has been working on ways to leverage its technology and installed based beyond simply physical security. What they've focused on, quite naturally, is the area of logical access control, and their model has been to turn the ID card into the credential that provides corporate (or government) computer and network access. It makes sense, especially considering a common white collar environment where employees badge into office towers each day (often using HID Global associated physical access technologies at some level) and then go to computers where their card sits idle on a reel-type lanyard as they have to type in their username and password to obtain PC access. The goal for HID is to extend that same card that grants building access to become the computer/network identity credential that gets the employee into his or her computer. So the vision is that the employee badges into the building, badges into the floor they work on, and then badges onto their computer.
This isn't an entirely new concept for HID; if you've been following HID Global for the last couple of years, you are probably accustomed to this trend inside the firm. So what makes this worth writing about?
In one word: Dell. HID has landed a deal with Dell such that Dell has a line of its Latitude notebooks which incorporate a card reader "under the hood" -- located just to the side of the mouse trackpad. No longer do users have to connect the USB-corded card reader to the laptop; it's installed from the factory.
But HID is doing more than just seeing readers in Dell laptops. We're now seeing HID unveil a full computer identity management and access solution called naviGO that allows IT organizations to implement two-factor computer log-on. This form of two-factor authentication involves presenting the card (something you have) and presenting the username/password (something you know). Much like you've seen them do in their badge enrollment software (introduced at ASIS 2008), the naviGO system presents a very slick interface for the computer user, and it seems to deal quite logically with issues like "I forgot my card" and "I forgot my password."
Across the show floor, Hirsch Electronics is worth stopping by. They've been in the news for the pending merger/acquisition with SCM Microsystems, a company that has been as heavily involved in logical access control as Hirsch has been in physical access control. As in the past, the Hirsch booth features a showcase of Hirsch's high-security readers and solutions for physical security identification enrollment (the company has really been going after the government access control/identity initiatives. At the same time, visitors to Hirsch also get a chance to examine about a dozen "logical" access solutions that are coming from SCM.
You're probably fairly family with Hirsch, from their RUU biometric/card/PIN station for HSPD-12 access control to the scrambling PIN pad that was one of the company's first products and which continues to be a strong draw for government law enforcement types of clients. What you're probably not familiar with is the whole SCM line. The short SCM summary is that the SCM product line show in Hirsch's booth includes everything from add-on USB-connected card readers used by the Department of Defense to really snazzy, upgradeable Flash drives with card technology inside, to devices used for e-health (e-health typically involves government issued health insurance and benefits cards). The Hirsch/SCM deal obviously hasn't closed yet (and still has shareholder processes to undergo before it could be closed), but just putting your eyes on these technologies side by side (the Hirsch physical security equipment and the SCM logical equipment), and it becomes a "no-brainer" to understand the synergies between these two firms.
In conclusion, there has been plenty of lofty talk about convergence in our industry and how security and IT are all going to "talk the same language". I tend to put my beliefs in trends when I see the tools, software, products and equipment available which allow users to move from "talk" to "doing", and I think I'm seeing that here at ISC West 2009. Check these two vendors out and post a comment below about any other "convergence readiness" areas you're finding in our industry or on the ISC West show floor.