With the revelations that have been brought to light recently regarding the National Security Agency’s domestic and international spying programs leaked last year by former federal contractor Edward Snowden, there has been an increased emphasis within both the private and public sector about insider threats and the potential for security breaches. If an agency with the reach and intelligence gathering ability of the NSA can be compromised, then no organization is immune to such a risk. While traditional access measures have typically focused on stopping threats at the door, there was simply not a solution available until recently that could account for these types of insider threats. With the advent of identity management, however, it’s now possible to track and audit someone’s physical and logical access patterns, which could be the data an organization or federal agency needs to prevent leaks of the size and scope of the NSA breach.
One company on the leading edge of this emerging market category, known as physical identity and access management (PIAM), is Quantum Secure. At the ISC West conference this week in Las Vegas, the company announced that over five million identities are now managed by its PIAM software platform, a new version of which, SAFE 4.8, was also released in conjunction with this year’s show.
According to Rochelle Thompson, the company’s director of corporate marketing, there is still some confusion within the industry between what exactly constitutes a true PIAM solution. However, she said that one of keys to clearing up this confusion is through continuing education of the marketplace. Those education efforts are obviously paying dividends, as Quantum Secure continues to see an uptick in the adoption of its software, especially within particular vertical markets such as aviation.
“Aviation has been a huge vertical (market) for us,” Thompson explained. “I think we’ve closed 11 (sales of our software to) airports in the last three months.”
Just in the last year alone, Quantum Secure’s software has been deployed by United Health Group, Verizon, AT&T, eBay, Maxim Semiconductor, Debswana Diamond Company Ltd, Allina Health, Portland Airport, Massachusetts Port Authority with all Boston-based airports, Port of Houston, Oakridge National Lab, and Idaho National Lab. The company’s existing customers include Adobe, Symantec, Oracle, the U.S. Department of Veterans Affairs, the U.S. Department of Energy and Visa International.
Vik Ghai, CTO and VP of products for the company, said that their message has been and will continue to be around the automation benefits of their software, which enables organizations to manage and control the physical identities of employees, contractors and visitors and their related physical access permissions within a risk-based paradigm. Ghai said that within vertical markets like the energy sector, regulations are really driving their security and operations, which also bodes well for the adoption of their software suite moving forward. Eventually, Ghai said he believes that identity management systems could be advanced enough to where the system would have the ability to shut off access to a facility or network if it detects suspicious activity.
Another product category that seems to be emerging within the industry is that of visitor management. The days of simply writing a name on a sticker and walking around a facility are no longer acceptable in many environments. At ISC West, SIW was able to catch up with Jim Vesterman, CEO of Houston-based Raptor Technologies, which provides visitor management software to over 10,000 K-12 schools nationwide.
According to Vesterman, Raptor’s software provides schools with an electronic log of everyone coming into the building. When someone hands over their government-issued ID to be processed, the system can then simultaneously perform an instant sex offender background check, as well as a custom database check setup by the school – whether it be for banned visitors, known gang members or, more commonly, custody issues.”