Secure Credentials in a Network Environment

Locks aren’t all you’ll need to secure the benefits of networked printing.

Technologies are converging all around us. Data networks connect more people and devices, and more of our assets are information-based. Thieves use technology to take advantage of our network-dependent society. Identity and data theft are becoming as common as physical crime, so computer-based security has become paramount to protecting the enterprise.
If we can properly identify people and network devices, we’ll have mastered an essential deterrent to crime in this Internet age. A simple, printed ID badge or surveillance camera is not enough anymore. Now, IP cameras send surveillance images over the network, and electronic credentials authenticate users to the computer network. Proper identification can help make sure that only the right people are on the premises and on the network.

Card credentials are the first line of defense for the enterprise security professional. As credentials become more sophisticated, so do the systems of issuance. In the past, most credentials were printed in large, central facilities where brick and mortar, along with a number of surveillance cameras, secured the issuance process. However, in today’s world of networks and mobile employees, many organizations require instant issuance at the point of need. The Department of Defense, which has issued millions of Common Access Cards for service personnel and their families, exemplifies this strategy. They deployed individual printers to issue cards at bases where needed and set up groups of printers in temporary issuance sites to enroll larger groups.

The value of instant issuance comes from the flexibility of the system. Several printers can be networked together in a single area to manage large-scale issuance of credentials, which are then distributed to the point of need. Instant issuance is more adaptable for small batches, badge replacement, visitor management and contract employees.

You can use issuance security management tools to monitor the issuance process over the network. Using networked card production and intelligent network monitoring, you can detect fraudulent card production in real time. Using central facilities, on the other hand, requires a large capital investment and a secure way to transport cards, and it doesn’t provide the flexibility of small batch printing. If you have to mail cards or wait for an ID for a new employee, you’re adding to your security concerns.

If you want secure, instant, distributed issuance, you must take both physical and network security precautions.
Surveillance cameras are valuable tools for monitoring credential issuing locations. But since surveillance systems require constant monitoring, it’s a good idea to add network security monitoring as well. Intelligent programs provide an automated way to monitor the issuance process.

Lock up valuable supplies like cards, color ribbons and security holograms in lockable printer hoppers and supplies cabinets. (Some sites even create cabinets for printers and computers.) To add even more security, keep these valuable supplies in an inventory vault that is monitored over the network. This helps make sure they are only used to make valid credentials.
The equipment used to finalize the credential—including the card printer, data encoders, and security overlaminate equipment—should be authenticated to the network and monitored for misuse. Automatically disable issuance equipment that is stolen or misused, and set up alerts to be transmitted to the appropriate network manager.

This content continues onto the next page...