With the push by many end-users to migrate their physical access control systems to the IT network in recent years has also come an increased demand for solutions that can streamline both physical and logical access in a way that is less burdensome on workers. The benefits of implementing such a solution are numerous. Employees would no longer have to keep track of various credentials or memorize multiple passwords to be able to access the physical and IT assets they need to do their job.
The fact is, however, very few companies have come up with a viable solution that can function in both worlds effectively. One firm that is looking to change that is MicroStrategy, a global provider of enterprise software platforms. Earlier this year, the company unveiled its “Usher” software solution, which enables people to leverage biometric and other technology embedded in their smartphone and turn it into a universal credential for physical and IT access systems.
According to MicroStrategy President Jonathan Klein, the company decided to jump into the market when they realized how prominent that mobile technology would become and the transformational power inherent with the proliferation of smartphones.
“We realized that one of the biggest problems out there today was this issue of cybersecurity and the existing solutions to the cybersecurity problem are inadequate as demonstrated with the daily deluge of news about the latest cyber-attack,” said Klein. “Our idea, was that if you took all of your forms of traditional ID – whether it is a username and password to access a logical system, a card reader or physical key to enter into a building, or a driver’s license or credit card – and you dematerialized all of those things into software securely residing on a smartphone that’s cryptologically linked to your phone so it only works on your phone and potentially links to you biometrically though a fingerprint, voice or facial scan; then you can have a hundred or a thousand times better security than we have today.”
Klein said that everyone is struggling with how to protect their physical and logical assets in a way that is simultaneously secure and convenient. Historically, Klein said there has never really been a situation where there hasn’t been a trade-off between the two, so the goal with Usher was to create a solution that was “simple, seamless and secure.”
Although widespread adoption of mobile access solutions has failed to materialize as of yet, Klein said that Usher will allow people to move through their environment in a way that hasn’t been possible before.
“In other words, if you master Bluetooth 4.0 Low Energy and you are able to integrate with Bluetooth beacons, that means now I walk up to my door and the Bluetooth reader outside my office recognizes me, it recognizes my phone and it opens up the door,” said Klein. “A software key would also allow you to procure yourself access to a particular location that you didn’t previously attain access to. MicroStrategy has already built connectors to all of the major access systems, so whether it is Lenel, Honeywell, S2, Datawatch or Paxton, we already, out-of-the-box integrate with them. You don’t have to install new hardware, whatever building you’re already in, all you need to do is deploy Usher, distribute the badges and within hours your employees are moving through your physical space in a highly-secure way. The reason that didn’t happen before is no one had ever built a solution like that and they certainly hadn’t integrated with all of the deep, rich analytics that we offer.”
Essentially, Klein said that all people want is one ID and that once that is securely encrypted to their smartphone, there is no reason to distinguish between physical and logical access.
“I want one employee badge that gets me into the front of the building, up the elevator, into the door that’s leads me to the floor into my office, and then with that exact same badge, I want it to unlock my Mac workstation and I want it to log me into my Outlook, Google apps or Salesforce.com,” explained Klein. “Why should I have to carry four different things? It is almost contemptuous of the user to impose on them all of these requirements to access systems where you just want to move freely through time and space. We believe Usher is that revolutionary, transformational application that will finally obliterate the distinction between physical and logical access means.”
Of course, having a single app or credential that provides so many access rights is a security concern in and of itself, which is why Usher also provides for multi-factor authentication.
“Any single factor of authentication is never secure by itself, whether it is biometrics –who you are or what you are – or your password which is a secret. What we do is combine these multiple factors to provide that extra layer of security,” said Siamak Ziraknejad, vice president of product management for MicroStrategy. “Touch ID (Apple’s fingerprint technology) is only one form of biometrics on the phone that we support, but we also have integration with other voice biometrics vendors. Our platform is agnostic to the vendor you use. We can integrate with any vendor and the organization can design the threshold for security. We’ve built multiple layers of security to not depend on only one factor.”
Additional features offered by Usher include geo-fencing and time-fence access restrictions to keep people out of certain areas or locked out of places during a given time period, as well as dual-authorization where another employee or manager has to be present to allow access. Usher can also provide end-users with analytics with the ability to detect anomalies in the physical and logical access patterns of employees.
“You sit here today and you ask yourself how could it possibly be that anyone is still relying on usernames and passwords? There is a very, very substantial amount of legacy technology that exists today and much of it relies on usernames and passwords and that’s the best solution that has existed to date,” said Klein. “For the most part, the main barrier (to adoption) is people becoming aware of the fact that there is a very clean, easy migration path that can introduce all of this extra security on top of your existing assets. One of the beautiful things about Usher is you don’t have to replace your ID credentialing system, you don’t have to replace your door readers, and you don’t have to replace your logical systems.”
