Video RSA: From Apple Keys to Biometric Security Devices (Video) 21
Philip: My name is Philip Bruno. I am the vice president of marketing and sales at Key Source International. I’ve been with the company for 30 years, and our main function is supplying desktop security and products that integrate into the major single sign-on products from IBM, CA, Imprivata, and any of the products that require biometrics or RFID as a log-on and secure access to the desktop.
Tim: Now you are standing next to a stack of a couple different options in this. What sort of log-in authentications do these offer? What do they do here?
Philip: Yeah, our primary method is biometrics. And that is a particular product that we use a lot in healthcare because it replaces the user name and password that has to be entered for endless numbers of patients’ records and all the electronic health records that they use. It integrates easily with a single sign-on. We can use dual factor by using a card, the same card that you use everyday to get in the door at your building, we can take that from physical access to logical access and couple it with the biometric. So that you have what is called a one-to-one authentication which eliminates 99.9% of false positives.
Tim: Now what do these cost? What do they cost?
Philip: The general range is anywhere from around $199 down to $99. It depends on how you configure it, and how many you buy. It is based on economy of scale. We don’t sell retail. Everything we do is business-to-business; high level of support, 5-year warranty; and we work with some of the biggest players in the world. Some of our customers are large cell phone companies like Vodaphone in Europe, the United Nations, a lot of major retailers and hundreds of hospitals across the world.
Tim: Now you are selling hardware that integrates with software?
Philip: That’s correct.
Tim: But once somebody buys this product, do they have to have a subscription or anything like that, an ongoing software relationship with you, or does the hardware then just interact cleanly with the software they bought from IBM?
Philip: No, we make sure that all our products is certified with our software partners. So they generally plug-and-play. We really haven’t any situation where they can’t get it to work, because we so tightly integrated it into both the interface for biometrics as well as for logical access with RFID.
Tim: Okay. Now I asked you before I started shooting about a USB port, so I wonder if you could revisit that, tell me about your
Philip: There are a lot of USB ports where people can plug in a mouse or a USB storage ____2:55. Well, we learned very early on that a lot of people don’t want those because of the fact that it is an open port and it makes the product very insecure. So we’ve eliminated those ports, so that we have a secure encrypted line into the computer and then into the application software.
Tim: Now besides initial access which you’ve got here with the biometrics and with the card reader, another thing you showed me before is about walkaway protection. Could you demonstrate how that works? Can you talk about that?
Philip: Yeah, sure. Come on over here. I will show you. Using an RFID badge to log on using the logical access, you can put it on and you log on, but probably the most important part of security is not necessarily the log-on but it is the log-off, and so we automate that process. So as I walk away, the unit will lock when it no longer senses that I am there, which is a really important part. We have a large healthcare provider in the Midwest that uses thousands of these, and they love the product because it works, and works well. And they can comply with HIPAA because there are a lot of regulations in healthcare for patient privacy. So this particular product is a lifesaver for that or anybody that needs to lock down a workstation when it is unattended. Time outs by using the screen saver just don’t work.
Tim: Now why do you say that? Why don’t they work?
Philip: Well, because a lot of times people set them for far too long. And what happens when they do that, is that basically they will leave, and it may be 5, 10, 15, or 20 minutes or longer before the screen locks. And it becomes quite vulnerable. So the great thing about this here is you can set the distance, and the timing so you are going to have it lock almost instantaneously. So you’ve got a secure environment. There are customers that we have that with their screen savers unattended, and they are not around, and it is open, and then they basically can lose their jobs. So it is pretty critical.
Tim: Is this sold to the military?
Philip: Well, government usage and healthcare is the primary usage for this in particular here.
Tim: And what technology is actually detecting the user is there at the keyboard?
Philip: It is actually pretty simple technology. It is just sonar. It is just bouncing waves off of me and sensing that I am there, a lot of people say well I’ll put something up against it like this, and that will fool it, but that actually doesn’t; what happens is that the sonar will finally realize that there is absolutely no movement because you are breathing, so the algorithm says someone’s trying to fool it, and it will lock the computer.
Tim: You’ve got a very short window to pop in somebody’s chair there?
Philip: Yes.
Tim: Okay. And what do these cost? You mentioned the other ones are around $200?
Philip: These once again run around $150 to $100 depending on quantity, just with the sonar portion.
Tim: Okay. Great. Now I want to ask you, you said you’ve been with this company for 30 some years.
Philip: Correct.
Tim: And I’m sure you haven’t been making USB keyboards since 30 years ago. How did it start out?
Philip: No. Actually we started out making push buttons and key caps for the original Apple 2. And for Atari and Texas Instruments, the 99/4A. And then we slowly migrated into developing custom keyboards for people like Mead Data Central and TRW Financial Systems and for the airline industry where we gave the customer highly programmable and definable keys that cut down on the training time.
Tim: Okay. And where do you see the next products coming? This kind of security, the end point stuff, what else is on your radar?
Philip: Well, I think the biggest thing that we see is that cloud computing is going to make the desktop more vulnerable, not less. So we see things moving towards biometrics, BYOD, Low Energy Bluetooth, and so there is a lot of things that are going to happen. Perhaps when Apple comes out with biometrics on their iPhone, it will lend a little bit more credibility at least from the consumer end but also from the business end. And we are going to move more into mobile, providing mobile security solutions for iPads, iPhones and Androids and that type of thing.
Tim: Great. Anything else I should be asking you about?
Philip: No. That’s about it. I don’t want to give away all the company’s secrets.
Tim: All right. Perfect. All right, thanks very much.
Philip: Thank you.
Re: (Score:2)
.
Hey, did you notice how every comment downrating this article has been modded to (-1) immediately? There's only one comment at (+2) and one comment at (+1). It's almost as if the down-moderations are being done by someone with editor-level powers or maybe even a higher-higher upper-up muckity-muck. Rob-limo-u-sine-O, is this your doing at feeling insulted and
Re: (Score:1)
Good observation. I suppose we should consider ourselves lucky not to have received the Slashdot Death Sentence (IE your karma is marked negative forever).
Re: (Score:3)
score . . . . . number of comments
-1 .
Re: (Score:1)
Huh.
Surprised they noticed...
biometric non-security (Score:3)
Lets say that a website knows who I am by the way I type. A man in the middle attack can get those statistics, duplicate it, and I am forever compromised.
I think biometric falls on the convenience side of the security issue, at least for now. I am not convinced that it could fall as easily as a dictionary attack for a password.
Re: (Score:1)
But if your key is an apple you've got to change it every couple of weeks.
Product placement (Score:2)
As someone who has been reading Slashdot almost since it began (5 digit UID) and who has "Excellent" Karma, I have to add my voice and agree that this kind of blatant product placement is extremely annoying. If there must be advertisements, then there must, but they should be visually separated from the news content and clearly labeled as advertisements. If Slashdot continues this way it will lose the loyalty of its longtime staunch readers such as myself and become just Yet Another Tech News Site only in