USB Token For Authentication: Handy Keys
IT departments and IT professionals will be updating and upgrading the systems and other gadgets with the latest available technologies. It is imminent to go for change to unleash the power. As technology reaches new heights, security of information systems should also be beefed up and it is essential that access to systems and applications should fall into right hands. Lets take a look at five new technologies that will play dominant role in the coming years.
There is a growing need for two factor authentication. ‘USB authentication tokens’ or the USB token can be used to gain access to systems, applications and networks. These USB tokens can easily be carried by employees just like key chains. These new security devices are going to replace the traditional smart cards used in IT divisions.
The disadvantage with smart cards when compared to USB token is that the bulky smart card reader is to be attached to a server or computer from where the smart card has to be punched. The new USB token system will not need such kind of readers as everyone can carry an USB token with them.
The user will be simply inserting the USB device (USB token) and will get access to the system, networks and applications as per the privileges extended to him by the administrator. Other advantages of using the USB tokens are that it is possible to monitor the user from the time the user logs in to the system and until he logs out of the system. It seamlessly integrates with the two factor authentication of private key and digital certificates within the device. The user can access any system in the network with a single USB token and single password to gain access to multiple services.
Built-in biometrics is another evolving technology and it is already in place with some laptops and thinkpads. With the advancement in circuitry and miniaturization major laptop brands including HP, Dell and Lenovo are jumping into next generation of security measures. Finger prints and iris recognition software will accomplish this task quite successfully. Manufacturers are planning to embed the software right into the system software (BIOS) so that the user will be prompted to enter his biometric credentials even before the OS loads into memory.
The sensitive data stored in the system should be encrypted so that it will not fall into wrong hands. Even IT administrators and those who are responsible to implement security systems stress the need to safeguard the data. It is difficult to accomplish the task in practical point of view. There is a chance that an individual may forget the task of encryption of data or may forget how he has encrypted.
Automated encryption is the solution for these kinds of problems. With the self encrypted hard drives the data will be encrypted and decrypted automatically. User need not take any initiative to accomplish the task except the installation of systems capable of performing these tasks.
Internet is not a safe place to transfer the data. The computer should be robust enough to withstand online financial transactions. To achieve this Extended Validation Secure Socket Layer (SSL) Server Certificates technology gives indication to know whether the site you are dealing with is a secured site or non-secured site. The next generation of security systems in browsers and applications will warn you when you come across popup ads, spam and viruses when you are accessing data from the internet.
Usage of smartphones and PDAs are increasing at a fast pace. Though a USB token is used an authentication for access to devices, Safeguarding sensitive data present in the mobile and protecting from the virus are important concerns to be addressed in mobile phones. In future, mobiles will be fitted with firewalls, anti-virus and data filtration software. Another viable option is ‘remote wipe and kill‘ feature. This feature can be deployed when the mobile lands into wrong hands (theft). The handset will be locked permanently after a specified number of unsuccessful access attempts.