Cybercrime hits record levels

 - 
Monday, June 6, 2011

SARATOGA SPRINGS, N.Y.— The impacts of cybercrime on organizations have become increasingly evident in recent weeks. On June 3, defense contractor Lockheed Martin said it had proof that hackers breached its network in May partly by using data stolen from security-token maker RSA, which supplies coded security tokens to tens of millions of computer users, reported The New York Times. RSA was itself hacked in March.

McAfee, the computer antivirus maker, released a report on June 1, which found that in the first three months of this year, six million new malicious software, or "malware," programs were unleashed on the internet, making it the most active first quarter in malware history.

Cyber security is a major concern for all corporations, but for those in the healthcare industry, it is especially concerning because of the risk to patient health and safety. Trying to strike a balance between maintaining high security and allowing accessibility to the system was one of the biggest challenges at Saratoga Hospital, said Gary Moon, information systems security analyst at the hospital. “Traditionally, the only way to increase convenience was to reduce security,” he said.

The hospital started looking into a single sign-on system to make it easier for its employees. “The hospital has multiple applications and systems and separate user IDs and passwords and that was a barrier for everyone,” he said. “It was causing a lot of frustration and was leading people to violate policies.”

It was also making it difficult for management to verify who had access to what information. “For every individual, we have to track their access to each record,” he said. Moon said it was difficult do so because employees were sharing accounts.

As the IT department evaluated different single sign-on options, Moon said it became clear that biometrics could ensure high-security and make accessing the system easier for users. “We realized that biometrics could allow people to sign on to different systems pretty much effortlessly,” he said. Implementing a biometric solution generally eliminated the issue of employees piggybacking and sharing account information.

The hospital began pilot testing a fingerprint reader by DigitalPersona, a provider of authentication and endpoint protection products. Moon said there has been a remarkable shift in employee use. “The great thing is that we’re able to give employees the ease of access with a fingerprint and that increases security and they have to go under their own account every single time,” he said.

Comments

Always good to see the virtues of biometric technology being extolled, thanks for this article. I think as more people realize that biometrics is arguably the only way to truly identify an individual without a shadow of a doubt, they will begin to adopt it not only for SSO purposes, but for other applications such as time and attendance, access control and patient ID -- especially in hospital settings -- to reduce waste and identity fraud in healthcare.

One note of caution about relying on fingerprint technology is that although it is solid, it is not a one size fits all solution and many companies are looking more closely at vascular (finger vein, palm vein) as viable and affordable alternatives to fingerprint.