Touching SAP data: user access and biometrics
Biometrics: the word alone conjures the enormous post-9/11 hype over facial recognition. The promise was the technology would catch all terrorists as they moved through airports. While the hyperbole sold, the technology didn’t deliver. The Boston Globe reported in September 2003 that Boston's Logan Airport face-recognition trials were halted when error rates exceeded 50 percent.
While biometrics isn’t a cure-all, it does have more realistic enterprise application. In an era of Sarbanes-Oxley holding CEOs accountable for their company’s financial statements, it helps to know exactly who touched the financial database, and when they touched it. Smart cards, passwords, and key fobs will record when each of those devices was used—but who was on the other end? Presumably it was the person to whom the device was issued. Without corroborating evidence, however, it’s still in question.
By Mathew Schwartz at Enterprise Systems.
[ Read more ]
By subscribing to our early morning news update, you will receive a daily digest of the latest security news published on Help Net Security.
With over 500 issues so far, reading our newsletter every Monday morning will keep you up-to-date with security risks out there.